8 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-9274
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the lookupaliasconst...
Ubuntu: Security Advisory (USN-4515-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4515-1: Pure-FTPd vulnerability
Antonio Norales discovered that Pure-FTPd incorrectly handled directory aliases. An attacker could possibly use this issue to access sensitive information. CVE-2020-9274...
Fedora 31 : pure-ftpd (2020-84fb0920fd)
Fix CVE-2020-9365 and CVE-2020-9274 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable...
Fedora 30 : pure-ftpd (2020-fa83ea0492)
Fix CVE-2020-9365 and CVE-2020-9274 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable...
[SECURITY] [DLA 2123-1] pure-ftpd security update
Package : pure-ftpd Version : 1.0.36-3.2+deb8u1 CVE ID : CVE-2020-9274 Debian Bug : 925666 An uninitialized pointer vulnerability was discovered in pure-ftpd, a secure and efficient FTP server, which could result in an out-of-bounds memory read and potential information disclosure. For Debian 8...
CVE-2020-9274
CVE-2020-9274 affects Pure-FTPd 1.0.49. The issue is an uninitialized pointer in the diraliases linked list; when lookup_alias(alias) or print_aliases() runs, the code fails to detect the end of the list and dereferences a non-existent member, tied to init_aliases in diraliases.c. The connected d...
Pure-FTPd <= 1.0.49 Multiple Vulnerabilities
Pure-FTPd is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...