2 matches found
CVE-2004-2523
OpenFTPD affected: OpenFTPD 0.30.2 and earlier. The vulnerability is a format string flaw in the SITE MSG command’s msg.c (cat_message) that lets remote authenticated users execute arbitrary code via format specifiers in the message argument. This is a remote code execution risk with authenticati...
CVE-2004-2523
Format string vulnerability in the msg command catmessage function in msg.c in OpenFTPD 0.30.2 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in the message argument...