{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T12:57:36.431","vulnerabilities":[{"cve":{"id":"CVE-2001-0187","sourceIdentifier":"cve@mitre.org","published":"2001-03-26T05:00:00.000","lastModified":"2026-04-16T00:27:16.627","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:washington_university:wu-ftpd:2.4.1:*:*:*:*:*:*:*","matchCriteriaId":"28E5257A-F5ED-482C-9A0B-3B576513E7D7"},{"vulnerable":true,"criteria":"cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta9:*:academ:*:*:*:*:*","matchCriteriaId":"1DF420E7-4BA8-45A4-B75E-8EEC10DDBD6D"},{"vulnerable":true,"criteria":"cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18:*:academ:*:*:*:*:*","matchCriteriaId":"C63ACBE3-5BB2-483E-A5FE-87698E98354A"},{"vulnerable":true,"criteria":"cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr4:*:*:*:*:*:*:*","matchCriteriaId":"B39D46C4-B153-4301-AE9C-57FB6BA64CD9"},{"vulnerable":true,"criteria":"cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr5:*:*:*:*:*:*:*","matchCriteriaId":"E55582DD-DEF7-4BF8-950C-E7E58BD29DE5"},{"vulnerable":true,"criteria":"cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr6:*:*:*:*:*:*:*","matchCriteriaId":"FF9B9132-19A1-4242-A129-E5A49F466EA2"},{"vulnerable":true,"criteria":"cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr7:*:*:*:*:*:*:*","matchCriteriaId":"4B9E32F3-06CF-482D-8313-3D098CDE8B6B"},{"vulnerable":true,"criteria":"cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr8:*:*:*:*:*:*:*","matchCriteriaId":"0A096214-84AD-44F5-BBEF-F9F17B9B0C43"},{"vulnerable":true,"criteria":"cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr9:*:*:*:*:*:*:*","matchCriteriaId":"4989799F-143A-45E5-A30C-9E3203649770"},{"vulnerable":true,"criteria":"cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr10:*:*:*:*:*:*:*","matchCriteriaId":"1E3D0CC6-D1A0-4784-BE93-319C7EE59134"},{"vulnerable":true,"criteria":"cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr11:*:*:*:*:*:*:*","matchCriteriaId":"4FA32489-F098-43D2-80B7-89CFE0BE9A3A"},{"vulnerable":true,"criteria":"cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr12:*:*:*:*:*:*:*","matchCriteriaId":"91C6388E-464B-4562-BC7B-7B4A66387B30"},{"vulnerable":true,"criteria":"cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr13:*:*:*:*:*:*:*","matchCriteriaId":"923B5711-853D-4A77-8FB3-D5C3D449518D"},{"vulnerable":true,"criteria":"cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr14:*:*:*:*:*:*:*","matchCriteriaId":"9BB1B136-F90E-426B-8010-F2D059E89DBE"},{"vulnerable":true,"criteria":"cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr15:*:*:*:*:*:*:*","matchCriteriaId":"CD9EFCD7-2A13-420E-B6A0-C1248B2E6E2F"},{"vulnerable":true,"criteria":"cpe:2.3:a:washington_university:wu-ftpd:2.4.2_vr16:*:*:*:*:*:*:*","matchCriteriaId":"573486C8-0349-4BC9-AD7D-3FBF93DDB6AF"},{"vulnerable":true,"criteria":"cpe:2.3:a:washington_university:wu-ftpd:2.4.2_vr17:*:*:*:*:*:*:*","matchCriteriaId":"CAD81A30-9C35-4EEA-B6FE-A4AC76893AC6"},{"vulnerable":true,"criteria":"cpe:2.3:a:washington_university:wu-ftpd:2.5:*:*:*:*:*:*:*","matchCriteriaId":"6AFFA39F-9072-4F19-A695-F383EA61D55D"},{"vulnerable":true,"criteria":"cpe:2.3:a:washington_university:wu-ftpd:2.6:*:*:*:*:*:*:*","matchCriteriaId":"0A5D6359-4E6D-4563-8251-F1719D45E20E"}]}]}],"references":[{"url":"ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_current/missing_format_strings.patch","source":"cve@mitre.org"},{"url":"http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000443","source":"cve@mitre.org"},{"url":"http://www.debian.org/security/2001/dsa-016","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/2296","source":"cve@mitre.org","tags":["Exploit","Patch","Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/6020","source":"cve@mitre.org"},{"url":"ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_current/missing_format_strings.patch","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000443","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.debian.org/security/2001/dsa-016","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/2296","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/6020","source":"af854a3a-2127-422b-91ae-364da2661108"}],"vendorComments":[{"organization":"Red Hat","comment":"Red Hat Enterprise Linux 2.1 ships with wu-ftp version 2.6.2 which is not vulnerable to this issue.","lastModified":"2006-09-27T00:00:00"}]}}]}