CVE-1999-0080

CVSS 2.0 Score 10 of 10 (high)

Details

Published Nov 30, 1995
Updated: Nov 20, 2024

Summary

CVE-1999-0080 is a vulnerability affecting certain configurations of the wu-ftp FTP server version 2.4. The issue arises due to the _PATH_EXECPATH setting being set to a risky directory, such as /bin. This vulnerability enables remote authenticated users to execute dangerous commands, including gaining root access through the "site exec" command. The exploitation of this vulnerability can lead to serious security implications for affected systems. It is recommended that affected organizations update their wu-ftp FTP server to a secure version or apply the necessary patches to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share