CVE-1999-1333

Published: Dec 31, 1999Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded.

Affected (1)

Products: Redhat: Linux

Redhat

1 product

Linux

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Linux	Up to 5.0

References (8)

http://marc.info/?l=bugtraq&m=89042322924057&w=2

Source: cve@mitre.org

http://www.iss.net/security_center/static/7240.php

Source: cve@mitre.org

http://www.osvdb.org/6111

Source: cve@mitre.org

http://www.redhat.com/support/errata/rh50-errata-general.html#ncftp

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=89042322924057&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.iss.net/security_center/static/7240.php

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/6111

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/rh50-errata-general.html#ncftp

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.