Summary
The FreeBSD and OpenBSD 'ftpd' service is prone to a denial-of-service vulnerability because of a NULL-pointer dereference.
Successful exploits may allow remote attackers to cause denial-of- service conditions. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed.
This issue affects the following releases:
FreeBSD 8.0, 6.3, 4.9 OpenBSD 4.5 and 4.6
Solution
Updates are available
please see the references for more information.
References
Severity
Classification
-
CVSS Base Score: 7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C
Related Vulnerabilities
- War FTP Daemon 'USER' and 'PASS' Remote Format String Vulnerability
- pyftpdlib FTP Server Multiple Vulnerabilities
- Flash FTP Server Directory Traversal Vulnerability
- ActFax FTP Server Post Auth 'RETR' Command Denial of Service Vulnerability
- TYPSoft FTP Server Multiple Commands Remote Denial of Service Vulnerabilities