Описание
The bftpdutmp_log function in bftpdutmp.c in Bftpd before 2.4 does not place a '\0' character at the end of the string value of the ut.bu_host structure member, which might allow remote attackers to cause a denial of service (daemon crash) via unspecified vectors. NOTE: some of these details are obtained from third party information.
Ссылки
- Patch
- Vendor Advisory
- Patch
- PatchVendor Advisory
- Patch
- Vendor Advisory
- Patch
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.3 (включая)
Одно из
cpe:2.3:a:jesse_smith:bftpd:*:*:*:*:*:*:*:*
cpe:2.3:a:jesse_smith:bftpd:1.6:*:*:*:*:*:*:*
cpe:2.3:a:jesse_smith:bftpd:1.7:*:*:*:*:*:*:*
cpe:2.3:a:jesse_smith:bftpd:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:jesse_smith:bftpd:1.8:*:*:*:*:*:*:*
cpe:2.3:a:jesse_smith:bftpd:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:jesse_smith:bftpd:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:jesse_smith:bftpd:2.1:*:*:*:*:*:*:*
cpe:2.3:a:jesse_smith:bftpd:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:jesse_smith:bftpd:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:jesse_smith:bftpd:2.2:*:*:*:*:*:*:*
cpe:2.3:a:jesse_smith:bftpd:2.2.1:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.0073
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
The bftpdutmp_log function in bftpdutmp.c in Bftpd before 2.4 does not place a '\0' character at the end of the string value of the ut.bu_host structure member, which might allow remote attackers to cause a denial of service (daemon crash) via unspecified vectors. NOTE: some of these details are obtained from third party information.
EPSS
Процентиль: 72%
0.0073
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other