CVE-1999-1333

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Dec 31, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-1333 is a vulnerability affecting the ncftp FTP client in Red Hat Linux 5.0 and earlier versions. The automatic download feature of this software is the source of the issue, allowing remote attackers to execute arbitrary commands by injecting shell metacharacters into the names of files being downloaded. Successful exploitation of this vulnerability could result in significant security risks, as attackers could run malicious code on affected systems. System administrators are advised to upgrade to a patched version of ncftp to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Red Hat Enterprise Linux

Affected Vendors

Red Hat

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlV66
https://www.cve.org/CVERecord?id=CVE-1999-1333
https://nvd.nist.gov/vuln/detail/CVE-1999-1333

Back to Vulnerability Database