CVE-2000-0573 - Vulnerability Details - OpenCVE

ReportizFlow

The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Hp	Hp-ux

Configuration 1 [-]

cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*

No data.

References

Link	Providers
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:29.wu-ftpd.asc.v1.1
ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-2000.02
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-009.txt.asc
http://archives.neohapsis.com/archives/bugtraq/2000-06/0244.html
http://archives.neohapsis.com/archives/bugtraq/2000-07/0017.html
http://marc.info/?l=bugtraq&m=96171893218000&w=2
http://marc.info/?l=bugtraq&m=96179429114160&w=2
http://marc.info/?l=bugtraq&m=96299933720862&w=2
http://www.calderasystems.com/support/security/advisories/CSSA-2000-020.0.txt
http://www.cert.org/advisories/CA-2000-13.html
http://www.redhat.com/support/errata/RHSA-2000-039.html
http://www.securityfocus.com/bid/1387
http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000623091822.3321.qmail%40fiver.freemessage.com
https://exchange.xforce.ibmcloud.com/vulnerabilities/4773
https://nvd.nist.gov/vuln/detail/CVE-2000-0573
https://www.cve.org/CVERecord?id=CVE-2000-0573

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2001-05-07T04:00:00

Updated: 2024-08-08T05:21:31.219Z

Reserved: 2000-07-19T00:00:00

Link: CVE-2000-0573

Vulnrichment

No data.

NVD

Status : Modified

Published: 2000-07-07T04:00:00.000

Modified: 2024-11-20T23:32:48.520

Link: CVE-2000-0573

Redhat

Severity :

Publid Date: 2000-06-23T00:00:00Z

Links: CVE-2000-0573 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2000-06-23T00:00:00", "descriptions": [{"lang": "en", "value": "The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "CA-2000-13", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.cert.org/advisories/CA-2000-13.html"}, {"name": "20000707 New Released Version of the WuFTPD Sploit", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=96299933720862&w=2"}, {"name": "RHSA-2000:039", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2000-039.html"}, {"name": "CSSA-2000-020.0", "tags": ["vendor-advisory", "x_refsource_CALDERA"], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-020.0.txt"}, {"name": "20000622 WuFTPD: Providing *remote* root since at least1994", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=96171893218000&w=2"}, {"name": "20000702 [Security Announce] wu-ftpd update", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0017.html"}, {"name": "20000723 CONECTIVA LINUX SECURITY ANNOUNCEMENT - WU-FTPD (re-release)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0244.html"}, {"name": "1387", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/1387"}, {"name": "FreeBSD-SA-00:29", "tags": ["vendor-advisory", "x_refsource_FREEBSD"], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:29.wu-ftpd.asc.v1.1"}, {"name": "AA-2000.02", "tags": ["third-party-advisory", "x_refsource_AUSCERT"], "url": "ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-2000.02"}, {"name": "20000623 WUFTPD 2.6.0 remote root exploit", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=96179429114160&w=2"}, {"name": "NetBSD-SA2000-009", "tags": ["vendor-advisory", "x_refsource_NETBSD"], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-009.txt.asc"}, {"name": "20000623 ftpd: the advisory version", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000623091822.3321.qmail%40fiver.freemessage.com"}, {"name": "wuftp-format-string-stack-overwrite(4773)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4773"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2000-0573", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "CA-2000-13", "refsource": "CERT", "url": "http://www.cert.org/advisories/CA-2000-13.html"}, {"name": "20000707 New Released Version of the WuFTPD Sploit", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=96299933720862&w=2"}, {"name": "RHSA-2000:039", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-039.html"}, {"name": "CSSA-2000-020.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-020.0.txt"}, {"name": "20000622 WuFTPD: Providing *remote* root since at least1994", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=96171893218000&w=2"}, {"name": "20000702 [Security Announce] wu-ftpd update", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0017.html"}, {"name": "20000723 CONECTIVA LINUX SECURITY ANNOUNCEMENT - WU-FTPD (re-release)", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0244.html"}, {"name": "1387", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1387"}, {"name": "FreeBSD-SA-00:29", "refsource": "FREEBSD", "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:29.wu-ftpd.asc.v1.1"}, {"name": "AA-2000.02", "refsource": "AUSCERT", "url": "ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-2000.02"}, {"name": "20000623 WUFTPD 2.6.0 remote root exploit", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=96179429114160&w=2"}, {"name": "NetBSD-SA2000-009", "refsource": "NETBSD", "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-009.txt.asc"}, {"name": "20000623 ftpd: the advisory version", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/templates/archive.pike?list=1&[email protected]"}, {"name": "wuftp-format-string-stack-overwrite(4773)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4773"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T05:21:31.219Z"}, "title": "CVE Program Container", "references": [{"name": "CA-2000-13", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.cert.org/advisories/CA-2000-13.html"}, {"name": "20000707 New Released Version of the WuFTPD Sploit", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=96299933720862&w=2"}, {"name": "RHSA-2000:039", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2000-039.html"}, {"name": "CSSA-2000-020.0", "tags": ["vendor-advisory", "x_refsource_CALDERA", "x_transferred"], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-020.0.txt"}, {"name": "20000622 WuFTPD: Providing *remote* root since at least1994", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=96171893218000&w=2"}, {"name": "20000702 [Security Announce] wu-ftpd update", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0017.html"}, {"name": "20000723 CONECTIVA LINUX SECURITY ANNOUNCEMENT - WU-FTPD (re-release)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0244.html"}, {"name": "1387", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/1387"}, {"name": "FreeBSD-SA-00:29", "tags": ["vendor-advisory", "x_refsource_FREEBSD", "x_transferred"], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:29.wu-ftpd.asc.v1.1"}, {"name": "AA-2000.02", "tags": ["third-party-advisory", "x_refsource_AUSCERT", "x_transferred"], "url": "ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-2000.02"}, {"name": "20000623 WUFTPD 2.6.0 remote root exploit", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=96179429114160&w=2"}, {"name": "NetBSD-SA2000-009", "tags": ["vendor-advisory", "x_refsource_NETBSD", "x_transferred"], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-009.txt.asc"}, {"name": "20000623 ftpd: the advisory version", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000623091822.3321.qmail%40fiver.freemessage.com"}, {"name": "wuftp-format-string-stack-overwrite(4773)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4773"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0573", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2000-07-19T00:00:00", "dateUpdated": "2024-08-08T05:21:31.219Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*", "matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command."}], "id": "CVE-2000-0573", "lastModified": "2024-11-20T23:32:48.520", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}]}, "published": "2000-07-07T04:00:00.000", "references": [{"source": "[email protected]", "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:29.wu-ftpd.asc.v1.1"}, {"source": "[email protected]", "url": "ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-2000.02"}, {"source": "[email protected]", "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-009.txt.asc"}, {"source": "[email protected]", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0244.html"}, {"source": "[email protected]", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0017.html"}, {"source": "[email protected]", "url": "http://marc.info/?l=bugtraq&m=96171893218000&w=2"}, {"source": "[email protected]", "url": "http://marc.info/?l=bugtraq&m=96179429114160&w=2"}, {"source": "[email protected]", "url": "http://marc.info/?l=bugtraq&m=96299933720862&w=2"}, {"source": "[email protected]", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-020.0.txt"}, {"source": "[email protected]", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "http://www.cert.org/advisories/CA-2000-13.html"}, {"source": "[email protected]", "url": "http://www.redhat.com/support/errata/RHSA-2000-039.html"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/bid/1387"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000623091822.3321.qmail%40fiver.freemessage.com"}, {"source": "[email protected]", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4773"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:29.wu-ftpd.asc.v1.1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-2000.02"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-009.txt.asc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0244.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0017.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=96171893218000&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=96179429114160&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=96299933720862&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-020.0.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "http://www.cert.org/advisories/CA-2000-13.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-039.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1387"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000623091822.3321.qmail%40fiver.freemessage.com"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4773"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "[email protected]", "type": "Primary"}]}