Vulnerability Report

CVE-1999-0368

Title: wu-ftpd and ProFTPD buffer overflows leading to remote root compromise

Memory Corruption

Proof Of Concept

PoC Available for CVE-1999-0368

CWE Category NVD-CWE-noinfo

Published Date Feb 09, 1999

Modified Date Apr 16, 2026

Exploit Status Available

Score 10.0 CVSS v2.0

Exploit Probability (EPSS)

48.33%

Vulnerability Summary

CVE-1999-0368: Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.

Impacted Vendors

washington_university 1

proftpd_project 1

proftpd 1

wuftpd 1

Reference Links

https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368

CVSS v2.0

Source Entity [email protected]

Severity HIGH

10.0

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:N/AC:L/Au:N/C:C/I:C/A:C

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-1999-0368 Exploits & PoCs (Proof Of Concept)

Exploit-DB https://www.exploit-db.com/exploits/19086

View Code

Exploit-DB https://www.exploit-db.com/exploits/19087

View Code

April 16, 2026 MODIFIED

Vulnerability data updated via NVD.

April 03, 2025 MODIFIED

Vulnerability data or affected products updated.

February 09, 1999 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:N/AC:L/Au:N/C:C/I:C/A:C

Affected Stack

No specific products linked.