OpenBSD Information for VU#593299
BSD-derived ftpd replydirname() in ftpd.c contains one-byte overflow
OpenBSD made a patch available to fix this problem on December 4, 2000 in OpenBSD 2.8 Errata 005: SECURITY FIX: Dec 4, 2000:
An OpendBSD Security Advisory: Single-byte buffer overflow vulnerability in ftpd, was published on December 18, 2000:
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.