Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-9274

Опубликовано: 26 фев. 2020
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Средний

Описание

An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) function is called, they fail to correctly detect the end of the linked list and try to access a non-existent list member. This is related to init_aliases in diraliases.c.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:pureftpd:pure-ftpd:*:*:*:*:*:*:*:*
Версия до 1.0.50 (исключая)
Конфигурация 2
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
Конфигурация 4
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Конфигурация 5
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

EPSS

Процентиль: 95%
0.21014
Средний

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-824

Связанные уязвимости

ubuntu логотип

CVE-2020-9274

CVSS3: 7.5
ubuntu
больше 5 лет назад

An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) function is called, they fail to correctly detect the end of the linked list and try to access a non-existent list member. This is related to init_aliases in diraliases.c.

debian логотип

CVE-2020-9274

CVSS3: 7.5
debian
больше 5 лет назад

An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer ...

github логотип

GHSA-26hm-gghq-x5rr

CVSS3: 7.5
github
больше 3 лет назад

An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) function is called, they fail to correctly detect the end of the linked list and try to access a non-existent list member. This is related to init_aliases in diraliases.c.

EPSS

Процентиль: 95%
0.21014
Средний

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-824