CVE-2004-0148

Description

wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.

Software From Fixed in
washington_university / wu-ftpd 2.4.1 2.4.1.x
washington_university / wu-ftpd 2.4.2_beta18 2.4.2_beta18.x
washington_university / wu-ftpd 2.4.2_beta18_vr10 2.4.2_beta18_vr10.x
washington_university / wu-ftpd 2.4.2_beta18_vr11 2.4.2_beta18_vr11.x
washington_university / wu-ftpd 2.4.2_beta18_vr12 2.4.2_beta18_vr12.x
washington_university / wu-ftpd 2.4.2_beta18_vr13 2.4.2_beta18_vr13.x
washington_university / wu-ftpd 2.4.2_beta18_vr14 2.4.2_beta18_vr14.x
washington_university / wu-ftpd 2.4.2_beta18_vr15 2.4.2_beta18_vr15.x
washington_university / wu-ftpd 2.4.2_beta18_vr4 2.4.2_beta18_vr4.x
washington_university / wu-ftpd 2.4.2_beta18_vr5 2.4.2_beta18_vr5.x
washington_university / wu-ftpd 2.4.2_beta18_vr6 2.4.2_beta18_vr6.x
washington_university / wu-ftpd 2.4.2_beta18_vr7 2.4.2_beta18_vr7.x
washington_university / wu-ftpd 2.4.2_beta18_vr8 2.4.2_beta18_vr8.x
washington_university / wu-ftpd 2.4.2_beta18_vr9 2.4.2_beta18_vr9.x
washington_university / wu-ftpd 2.4.2_beta2 2.4.2_beta2.x
washington_university / wu-ftpd 2.4.2_vr16 2.4.2_vr16.x
washington_university / wu-ftpd 2.4.2_vr17 2.4.2_vr17.x
washington_university / wu-ftpd 2.5.0 2.5.0.x
washington_university / wu-ftpd 2.6.0 2.6.0.x
washington_university / wu-ftpd 2.6.1 2.6.1.x
washington_university / wu-ftpd 2.6.2 2.6.2.x
sgi / propack 2.3 2.3.x
sgi / propack 2.4 2.4.x