The bftpdutmp_log function in bftpdutmp.c in Bftpd before 2.4 does not place a '\0' character at the end of the string value of the ut.bu_host structure member, which might allow remote attackers to cause a denial of service (daemon crash) via unspecified vectors. NOTE: some of these details are...
AI Score: 6.8
EPSS: 0.006
CVSS: 7.5
AI Score: 7.4
EPSS: 0.001
An issue was discovered in Bftpd before 5.4. There is a heap-based off-by-one error during file-transfer error...
CVSS: 9.8
AI Score: 9.4
EPSS: 0.002
An issue was discovered in Bftpd 5.3. Under certain circumstances, an out-of-bounds read is triggered due to an uninitialized value. The daemon crashes at startup in the hidegroups_init function in...
CVSS: 9.1
AI Score: 9.1
EPSS: 0.002
Buffer overflow in the parsecmd function in bftpd before 1.8 has unknown impact and attack vectors related to the confstr...
AI Score: 6.8
EPSS: 0.003
Double free vulnerability in bftpd before 1.8 allows remote authenticated users to cause a denial of service (daemon crash) via a (1) get or (2) mget...
AI Score: 6.3
EPSS: 0.009
Buffer overflow in bftpd 1.0.13 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long SITE CHOWN...
AI Score: 7.8
EPSS: 0.01
Buffer overflow in bftp daemon (bftpd) 1.0.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long USER...
AI Score: 7.8
EPSS: 0.012