| Vulnerability Name: | CVE-1999-0955 (CCN-55) | ||||||||
| Assigned: | 1993-03-01 | ||||||||
| Published: | 1993-03-01 | ||||||||
| Updated: | 2022-08-17 | ||||||||
| Summary: | Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command. | ||||||||
| CVSS v3 Severity: | 9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 7.6 High (CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: CCN Type: Academ Consulting Service FTP site FTP directory /pub/wu-ftpd/ at ftp.academ.com Source: CCN Type: CIAC Information Bulletin E-17 FTP Daemon Vulnerabilities Source: MITRE Type: CNA CVE-1999-0955 Source: CCN Type: Hewlett-Packard Company Security Bulletin HPSBUX9405-010 ftpd: SITE CHMOD / race condition vulnerability Source: CCN Type: CERT Advisory CA-1993-06 wuarchive ftpd Vulnerability Source: CCN Type: CERT Advisory CA-1994-08 ftpd Vulnerabilities Source: CCN Type: OSVDB ID: 8719 WU-FTPD Site EXEC Race Condition Source: CCN Type: OSVDB ID: 8720 BSD ftpd Site EXEC Race Condition Source: XF Type: UNKNOWN ftp-exec(55) Source: MISC Type: UNKNOWN https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0955 | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||