EUVD-2020-26447

Malware in sbrugna...

CVE-2020-20276

An unauthenticated stack-based buffer overflow vulnerability in common.c's handlePORT in uftpd FTP server versions 2.10 and earlier can be abused to cause a crash and could potentially lead to remote code execution...

CVE-2020-5204

In uftpd before 2.11, there is a buffer overflow vulnerability in handlePORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses...

CVE-2020-5204

In uftpd before 2.11, there is a buffer overflow vulnerability in handlePORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses...

Buffer overflow

In uftpd before 2.11, there is a buffer overflow vulnerability in handlePORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses...

CVE-2020-5204 Buffer overflow vulnerability in uftpd

In uftpd before 2.11, there is a buffer overflow vulnerability in handlePORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses...

CVE-2020-5204

CVE-2020-5204 affects uftpd prior to 2.11. A buffer overflow exists in FTP PORT parsing (ftpcmd.c handle_PORT) where a 16-byte buffer can overflow when filling input with a format string like %d.%d.%d.%d using user input. The root cause is sprintf-based population of the IPv4-like string exceedin...