CVE-1999-0880

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Oct 1, 1999
Updated: Nov 20, 2024

Summary

CVE-1999-0880 is a denial-of-service vulnerability affecting the WU-FTPD software. The issue lies in the SITE NEWER command, which fails to properly free memory after use. An attacker can exploit this flaw by sending specially crafted commands to the FTP server, resulting in a denial-of-service condition due to exhausted memory resources. This vulnerability poses a potential threat to systems running WU-FTPD and emphasizes the importance of applying available patches to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share