CVE-2001-0187

N/A Unknown

Published: March 26, 2001 Modified: April 16, 2026

Description

Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_current/missing_format_strings.patch

Source: cve@mitre.org

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000443

Source: cve@mitre.org

http://www.debian.org/security/2001/dsa-016

Source: cve@mitre.org

http://www.securityfocus.com/bid/2296

Source: cve@mitre.org

Exploit Patch Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/6020

Source: cve@mitre.org

ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_current/missing_format_strings.patch