Skip to content

Commit 00a0029

Browse files
committed
add: AVE-1999-0034
1 parent 632c57f commit 00a0029

1 file changed

Lines changed: 19 additions & 12 deletions

File tree

vulns/1999/AVE-1999-0034.toml

Lines changed: 19 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -1,25 +1,32 @@
11
[basic]
2-
description = "Vulnerability identified as CVE-1999-0044. Please refer to vendor advisory for details."
3-
published = "2026-07-10"
4-
remediation = "Refer to vendor advisory and upgrade to fixed version."
5-
score = 5.0
6-
severity = "MEDIUM"
7-
sources = ["exploitdb"]
8-
title = "CVE-1999-0044 vulnerability"
9-
updated = "2026-07-10"
2+
description = "wu-ftpd 的 FTP 转换功能存在远程命令执行漏洞。攻击者通过构造恶意的文件名,将特殊参数传递给转换程序(如 tar 或 uncompress),从而在服务器上执行任意命令。利用该漏洞需要有效的登录凭据与写入权限,但可导致敏感信息泄露、系统被控制等严重后果。"
3+
published = "1999-12-20"
4+
remediation = "升级 wu-ftpd 至安全版本或禁用 FTP 转换功能。建议迁移至 vsftpd 或 ProFTPD 等更安全的 FTP 服务器软件,并限制用户对 FTP 服务器的写入权限。"
5+
score = 7.5
6+
severity = "HIGH"
7+
sources = [
8+
"redhat",
9+
"nvd",
10+
]
11+
title = "wu-ftpd FTP 文件转换远程命令执行漏洞"
12+
updated = "2026-06-16"
1013

1114
[exploit]
1215
exp_urls = []
1316
poc_urls = []
1417

1518
[id]
16-
aliases = ["CVE-1999-0044"]
19+
aliases = ["CVE-1999-0997"]
1720
ave_id = "AVE-1999-0034"
18-
cve_id = "CVE-1999-0044"
21+
cve_id = "CVE-1999-0997"
1922

2023
[meta]
21-
collected_at = "2026-07-10T12:52:04.247696278+00:00"
24+
collected_at = "2026-07-10T12:52:04.341466967+00:00"
2225
status = "completed"
2326

2427
[references]
25-
urls = []
28+
urls = [
29+
"https://nvd.nist.gov/vuln/detail/CVE-1999-0997",
30+
"https://access.redhat.com/security/cve/CVE-1999-0997",
31+
"http://www.debian.org/security/2003/dsa-377",
32+
]

0 commit comments

Comments
 (0)