7.7 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.041 Low
EPSS
Percentile
92.1%
FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands.
ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-009.txt.asc
archives.neohapsis.com/archives/bugtraq/2000-07/0031.html
archives.neohapsis.com/archives/bugtraq/2000-07/0061.html
archives.neohapsis.com/archives/bugtraq/2000-07/0121.html
www.cert.org/advisories/CA-2000-13.html
www.securityfocus.com/bid/1425
www.securityfocus.com/bid/1438