NetBSD Information for VU#593299
BSD-derived ftpd replydirname() in ftpd.c contains one-byte overflow
- Vendor Information Help Date Notified:
- Statement Date:
- Date Updated: 21 Dec 2000
NetBSD has published an advisory about this issue at:
NetBSD Security Advisory 2000-018
Topic: One-byte buffer overrun in ftpd
Version: All official releases up to and including 1.5
Severity: possible remote root compromise.
Fixed: NetBSD-current: December 4, 2000
NetBSD 1.4 branch: December 14, 2000
NetBSD 1.5 branch: December 13, 2000
The vendor has not provided us with any further information regarding this vulnerability.
Good signature made 2000-12-20 18:48 GMT by key:
1024 bits, Key ID F8376205, Created 1997-07-01
If you have feedback, comments, or additional information about this vulnerability, please send us email.