Описание
ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contains a carriage return followed by a digit, which can cause firewalls and other intermediary devices to lose proper track of the FTP session.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:netbsd:ftpd:1.5:*:*:*:*:*:*:*
cpe:2.3:a:netbsd:ftpd:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:netbsd:ftpd:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:netbsd:ftpd:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:netbsd:ftpd:1.6:*:*:*:*:*:*:*
EPSS
Процентиль: 48%
0.0025
Низкий
5 Medium
CVSS2
Дефекты
CWE-189
Связанные уязвимости
github
больше 3 лет назад
ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contains a carriage return followed by a digit, which can cause firewalls and other intermediary devices to lose proper track of the FTP session.
EPSS
Процентиль: 48%
0.0025
Низкий
5 Medium
CVSS2
Дефекты
CWE-189