EUVD-2006-5762

Malware in sbrugna...

Debian: Security Advisory (DLA-269-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-269-1 : linux-ftpd-ssl security update

The issue is due to a case of missing brackets in the patch '500-ssl.diff', which causes the execution of 'fcloseNULL' and thus displays as a segmentation fault. The error appears while transmogrifying 'linux-ftpd' into 'linux-ftpd-ssl'. There is no CVE assigned to this issue. The patch was creat...

[SECURITY] [DLA 269-1] linux-ftpd-ssl security update

Package : linux-ftpd-ssl Version : 0.17.32+0.3-1+deb6u1 Debian Bug : 788331 The issue is due to a case of missing brackets in the patch 500-ssl.diff, which causes the execution of fcloseNULL and thus displays as a segmentation fault. The error appears while transmogrifying linux-ftpd into...

Gentoo Security Advisory GLSA 200511-11 (linux-ftpd-ssl)

The remote host is missing updates announced in advisory GLSA 200511-11. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Debian Security Advisory DSA 896-1 (linux-ftpd-ssl)

The remote host is missing an update to linux-ftpd-ssl announced via advisory DSA 896-1. A buffer overflow has been discovered in ftpd-ssl, a simple BSD FTP server with SSL encryption support, that could lead to the execution of arbitrary code. The old stable distribution woody does not contain...

Debian: Security Advisory (DSA-896-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1217-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 1217-1 (linux-ftpd)

The remote host is missing an update to linux-ftpd announced via advisory DSA 1217-1. Paul Szabo discovered that the netkit ftp server switches the user id too late, which may lead to the bypass of access restrictions when running on NFS. This update also adds return value checks to setuid calls,...

/bin/ls with gid=0 in Debian linux-ftpd

Mea culpa. A stupid little bug crept into linux-ftpd for Debian, and some other Linux distros. Some may have fixed it, but Debian hasn't. The effect is that ftpd now runs /bin/ls for DIR and similar commands with GID=0. Does not seem terribly dangerous as I do not seem able to trick ls into runni...

Debian DSA-1217-1 : linux-ftpd - programming error

Paul Szabo discovered that the netkit ftp server switches the user id too late, which may lead to the bypass of access restrictions when running on NFS. This update also adds return value checks to setuid calls, which may fail in some PAM configurations. %NASLMINLEVEL 70300 C Tenable Network...

CVE-2006-5778

ftpd in linux-ftpd 0.17, and possibly other versions, performs a chdir before setting the UID, which allows local users to bypass intended access restrictions by redirecting their home directory to a restricted directory...

CVE-2006-5778

ftpd in linux-ftpd 0.17, and possibly other versions, performs a chdir before setting the UID, which allows local users to bypass intended access restrictions by redirecting their home directory to a restricted directory...

CVE-2006-5778

ftpd in linux-ftpd 0.17, and possibly other versions, performs a chdir before setting the UID, which allows local users to bypass intended access restrictions by redirecting their home directory to a restricted directory...

CVE-2006-5778

CVE-2006-5778 affects ftpd in Linux Netkit (linux-ftpd) 0.17 and possibly other versions. The underlying issue is that the daemon performs a chdir before switching the user identity, which can allow local attackers to bypass access restrictions by redirecting their home directory to a restricted ...

Debian DSA-896-1 : linux-ftpd-ssl - buffer overflow

A buffer overflow has been discovered in ftpd-ssl, a simple BSD FTP server with SSL encryption support, that could lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Securi...

[SECURITY] [DSA 896-1] New ftpd-ssl packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 896-1 [email protected] http://www.debian.org/security/ Martin Schulze November 15th, 2005 http://www.debian.org/security/faq -...

GLSA-200511-11 : linux-ftpd-ssl: Remote buffer overflow

The remote host is affected by the vulnerability described in GLSA-200511-11 linux-ftpd-ssl: Remote buffer overflow A buffer overflow vulnerability has been found in the linux-ftpd-ssl package. A command that generates an excessively long response from the server may overrun a stack buffer. Impac...

linux-ftpd-ssl: Remote buffer overflow

Background linux-ftpd-ssl is the netkit FTP server with encryption support. Description A buffer overflow vulnerability has been found in the linux-ftpd-ssl package. A command that generates an excessively long response from the server may overrun a stack buffer. Impact An attacker that has...

CVE-2005-3524

Buffer overflow in the SSL-ready version of linux-ftpd linux-ftpd-ssl 0.17 allows remote attackers to execute arbitrary code by creating a long directory name, then executing the XPWD command...