Open-FTPD Multiple Buffer Overflow Vulnerabilities
BID:30993
Info
Open-FTPD Multiple Buffer Overflow Vulnerabilities
| Bugtraq ID: | 30993 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 03 2008 12:00AM |
| Updated: | Feb 16 2010 05:12PM |
| Credit: | Ciph3r |
| Vulnerable: |
Open-FTPD Open-FTPD 1.2 |
| Not Vulnerable: | |
Discussion
Open-FTPD Multiple Buffer Overflow Vulnerabilities
Open-FTPD is prone to multiple buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data.
Successful exploits may allow attackers to execute arbitrary code in the context of the application or cause a denial-of-service condition.
Open-FTPD 1.2 is vulnerable; other versions may also be affected.
Open-FTPD is prone to multiple buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data.
Successful exploits may allow attackers to execute arbitrary code in the context of the application or cause a denial-of-service condition.
Open-FTPD 1.2 is vulnerable; other versions may also be affected.
Exploit / POC
Open-FTPD Multiple Buffer Overflow Vulnerabilities
The following proofs of concept and exploit are available:
The following proofs of concept and exploit are available:
Solution / Fix
Open-FTPD Multiple Buffer Overflow Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].