CVE-1999-0880

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Oct 1, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-0880 is a denial-of-service vulnerability affecting WU-FTPD (Washington University's File Transfer Protocol Daemon). The issue arises due to a memory leak in the handling of the SITE NEWER command, which fails to free allocated memory properly. An attacker can exploit this flaw by sending specially crafted commands, resulting in excessive memory consumption and a server crash or denial of service condition. This vulnerability poses a significant threat to systems running WU-FTPD and emphasizes the importance of applying patches or updates to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlU6a
https://www.cve.org/CVERecord?id=CVE-1999-0880
https://nvd.nist.gov/vuln/detail/CVE-1999-0880

Back to Vulnerability Database

CVE-1999-0880

CVSS 2.0 Score 5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations