BSDI Information for VU#29823

Format string input validation error in wu-ftpd site_exec() function


Not Affected

Vendor Statement

Current versions of BSD/OS do not include any version of wu-ftpd. The BSDI ftpd is not vulnerable to the reported problems; it is not based on the wu-ftpd code.

The version of ftpd in modern versions of BSD/OS is not vulnerable to the generic setproctitle() vulnerabilities.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.