FreeBSD And OpenBSD 'ftpd' NULL Pointer Dereference Denial Of Service Vulnerability Network Vulnerability

Summary

The FreeBSD and OpenBSD 'ftpd' service is prone to a denial-of-service vulnerability because of a NULL-pointer dereference. Successful exploits may allow remote attackers to cause denial-of- service conditions. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed. This issue affects the following releases: FreeBSD 8.0, 6.3, 4.9 OpenBSD 4.5 and 4.6

Solution

Updates are available please see the references for more information.

References

http://www.freebsd.org/
http://www.openbsd.org
http://www.openbsd.org/errata45.html
http://www.openbsd.org/errata46.html
http://www.securityfocus.com/bid/38559

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C

Related Vulnerabilities

httpdx 'MKD' Command Directory Traversal Vulnerability
Open-FTPD Authentication Bypass Vulnerability
TYPSoft FTP Server Multiple Commands Remote Denial of Service Vulnerabilities
SamiFTP Server 'RETR' Command Denial of Service Vulnerability
Windows Administrator NULL FTP password

FreeBSD and OpenBSD 'ftpd' NULL Pointer Dereference Denial Of Service Vulnerability

Take action and discover your vulnerabilities