CVE-2004-0148

Description

wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.

Affected products

sgi / propack2.3 – 2.3
sgi / propack2.4 – 2.4
washington_university / wu-ftpd2.4.1 – 2.4.1
washington_university / wu-ftpd2.4.2_beta2 – 2.4.2_beta2
washington_university / wu-ftpd2.4.2_beta18 – 2.4.2_beta18
washington_university / wu-ftpd2.4.2_beta18_vr4 – 2.4.2_beta18_vr4
washington_university / wu-ftpd2.4.2_beta18_vr5 – 2.4.2_beta18_vr5
washington_university / wu-ftpd2.4.2_beta18_vr6 – 2.4.2_beta18_vr6
washington_university / wu-ftpd2.4.2_beta18_vr7 – 2.4.2_beta18_vr7
washington_university / wu-ftpd2.4.2_beta18_vr8 – 2.4.2_beta18_vr8
washington_university / wu-ftpd2.4.2_beta18_vr9 – 2.4.2_beta18_vr9
washington_university / wu-ftpd2.4.2_beta18_vr10 – 2.4.2_beta18_vr10
washington_university / wu-ftpd2.4.2_beta18_vr11 – 2.4.2_beta18_vr11
washington_university / wu-ftpd2.4.2_beta18_vr12 – 2.4.2_beta18_vr12
washington_university / wu-ftpd2.4.2_beta18_vr13 – 2.4.2_beta18_vr13
washington_university / wu-ftpd2.4.2_beta18_vr14 – 2.4.2_beta18_vr14
washington_university / wu-ftpd2.4.2_beta18_vr15 – 2.4.2_beta18_vr15
washington_university / wu-ftpd2.4.2_vr16 – 2.4.2_vr16
washington_university / wu-ftpd2.4.2_vr17 – 2.4.2_vr17
washington_university / wu-ftpd2.5.0 – 2.5.0
washington_university / wu-ftpd2.6.0 – 2.6.0
washington_university / wu-ftpd2.6.1 – 2.6.1
washington_university / wu-ftpd2.6.2 – 2.6.2

Description

Affected products

References