uftpd Null Pointer Dereference Vulnerability

uftpd is a Linux FTP/TFTP server. A null pointer dereference vulnerability exists in uftpd versions prior to 2.12. The vulnerability stems from the failure of handleCWD in ftpcmd.c in uftpd to properly handle user-supplied paths. An attacker can cause a denial of service via the CWD /... command ...

[SECURITY] [DSA 1217-1] New linux-ftpd packages fix access control bypass

-------------------------------------------------------------------------- Debian Security Advisory DSA 1217-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 20th, 2006 http://www.debian.org/security/faq -...

Potential Security Problem in bftpd-1.0.11

Subject : Potential security problem in bftpd Buffer Overflow Author : Christophe BAILLEUX [email protected] Plateforms : nix Test version : bftpd-1.0.11 I. Introduction bftpd is a Linux FTP server with chroot and setreuid. Not all FTP commands are included. It accesses either the user's home directo...

Linux FTP Server Backdoor Detection

There is a backdoor in the old FTP daemons of Linux that allows remote users to log in as 'NULL' with password 'NULL'. These credentials provide root access. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10080; scriptversion "1.27"; scriptcvsdate"Date: 2018/06/13...