Computer Security
[EN] securityvulns.ru no-pyccku


realpath() BSD and wu-ftpd / BSD FTP / SSH buffer overflow
updated since 01.08.2003
Published:19.05.2007
Source:
SecurityVulns ID:3022
Type:library
Threat Level:
8/10
Description:off-by-one overflow in fb_realpath() function in oversized path of few FTP commands.
Affected:FREEBSD : FreeBSD 5.0
 NETBSD : NetBSD 1.5
 WU : WU-FTPD 2.6
 NETBSD : NetBSD 1.6
 WU : wu-ftpd 2.5
 FREEBSD : FreeBSD 4.8
Original documentdocumentkingcope_(at)_gmx.net, [Full-disclosure] ssh.com ssh-3.2.9.1 sftp server remote off by one (19.05.2007)
 documentNETBSD, NetBSD Security Advisory 2003-011: off-by-one error in realpath(3) (05.08.2003)
 documentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-03:08.realpath (04.08.2003)
 documentJanusz Niewiadomski, wu-ftpd fb_realpath() off-by-one bug (01.08.2003)
Files:wu-ftpd-2.6.2 off-by-one remote exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod