OpenBSD Information for VU#593299
BSD-derived ftpd replydirname() in ftpd.c contains one-byte overflow
- Vendor Information Help Date Notified: 04 Dec 2000
- Statement Date:
- Date Updated: 21 Dec 2000
OpenBSD made a patch available to fix this problem on December 4, 2000 in OpenBSD 2.8 Errata 005: SECURITY FIX: Dec 4, 2000:
An OpendBSD Security Advisory: Single-byte buffer overflow vulnerability in ftpd, was published on December 18, 2000:
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.