oftpd denial-of-service vulnerability (PORT command)

2004-03-04T00:00:00
ID 290D81B9-80F1-11D8-9645-0020ED76EF5A
Type freebsd
Reporter FreeBSD
Modified 2004-04-05T00:00:00

Description

Philippe Oechslin reported a denial-of-service vulnerability in oftpd. The oftpd server can be crashed by sending a PORT command containing an integer over 8 bits long (over 255).