The FreeBSD and OpenBSD 'ftpd' service is prone to a denial-of-service vulnerability because of a NULL-pointer dereference. Successful exploits may allow remote attackers to cause denial-of- service conditions. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed. This issue affects the following releases: FreeBSD 8.0, 6.3, 4.9 OpenBSD 4.5 and 4.6
Updates are available please see the references for more information.