4 matches found
CVE-2026-34956
CVE-2026-34956 affects Open vSwitch: the vulnerability is in the userspace conntrack FTP ALG handler where a crafted FTP payload (EPASV/FTP substrings) can trigger an invalid memory access due to type narrowing when copying FTP substrings. This memory access can crash the process, causing Denial ...
curl: Infinite loop issue in the state machine of the curl project
Summary: Vulnerability impact: When curl attempts to download files from a malicious FTP server, it triggers an infinite loop in the code execution. I discovered this issue in the FTP functionality of the curl project .As described in...
httpd: NULL pointer defer in mod_proxy_ftp caused by crafted EPSV and PASV reply
The approxyftphandler function in modules/proxy/proxyftp.c in the modproxyftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service NULL pointer dereference and child process crash via a malformed reply to an EPSV command...
httpd: NULL pointer defer in mod_proxy_ftp caused by crafted EPSV and PASV reply
The approxyftphandler function in modules/proxy/proxyftp.c in the modproxyftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service NULL pointer dereference and child process crash via a malformed reply to an EPSV command...