CVE-2024-48208

Опубликовано: 24 окт. 2024

Источник: debian

Описание

pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd() function of the ls.c file.

Пакет	Статус	Версия исправления	Релиз	Тип
pure-ftpd	unfixed			package

https://github.com/jedisct1/pure-ftpd/pull/176
Fixed by: https://github.com/jedisct1/pure-ftpd/commit/350d66fbbd6634c09f146dc7d5bd57e737dfd0fb (1.0.52)
Followup: https://github.com/jedisct1/pure-ftpd/commit/2bbe0f25c6b905044803649a29df5f765f940b91
No security impact, basically just terminates the user's connection

CVE-2024-48208

CVSS3: 8.6

ubuntu

больше 1 года назад

pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd() function of the ls.c file.

CVE-2024-48208

CVSS3: 8.6

nvd

больше 1 года назад

pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd() function of the ls.c file.

GHSA-rrmj-qxgv-v296

CVSS3: 8.6

github

больше 1 года назад

pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd() function of the ls.c file.

BDU:2024-10115

CVSS3: 8.6

fstec

больше 1 года назад

Уязвимость функции domlsd() файла ls.c FTP-сервера Pure-FTPd, позволяющая нарушителю прервать соединение пользователя с сервером