CVE-1999-0997 Information

Description

wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion e.g. tar or uncompress.

Reference

http://www.debian.org/security/2003/dsa-377