CVE-2005-3081

wzdftpd 0.5.4 - Command Injection

Title source: llm

Description

wzdftpd 0.5.4 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the SITE command.

Exploits (2)

exploitdb WORKING POC VERIFIED

by David Maciejak · remotemultiple

https://www.exploit-db.com/exploits/1292

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by kingcope · perlremotelinux

https://www.exploit-db.com/exploits/1231

View Code ZIP pw:eip

References (6)

[Third Party Advisory, VDB Entry] http://www.osvdb.org/19682

[Exploit, Vendor Advisory] http://www.securiteam.com/exploits/5CP0R1PGUE.html

[Third Party Advisory] http://www.debian.org/security/2006/dsa-1006

[Vendor Advisory] http://secunia.com/advisories/16936

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/14935

[Third Party Advisory] http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0646.html

Scores

EPSS 0.3998

EPSS Percentile 97.3%

Details

Status published

Products (1)

wzdftpd/wzdftpd 0.5.4

Published Sep 27, 2005

Tracked Since Feb 18, 2026