FreeBSD Information for VU#593299
BSD-derived ftpd replydirname() in ftpd.c contains one-byte overflow
The FreeBSD security officer, Kris Kennaway <email@example.com>, posted a statement to Bugtraq regarding this issue:
"FreeBSD is not vulnerable"
The vendor has not provided us with any further information regarding this vulnerability.
However, this message was not signed with the FreeBSD security officer key; it was signed with a key unknown to the CERT/CC at this time: "Signature by unknown keyid: 0x68E840A5", presumably Kris's personal key.
If you have feedback, comments, or additional information about this vulnerability, please send us email.