QFTP (LIBFtp 3.1-1) (command line) sprintf() local buffer overflow

http://nbpfaus.net/pfau/ftplib/ qftp is a utility that performs file transfers using ftplib based on instructions presented on the command line. Description buffer overflow in sprintf, setumask don't check sizelen of passed argument. Source error in main: 337: case 'm' : setumaskoptarg; break;...

Buffer overflow

Buffer overflow in the setumask function in QFTP in LIBFtp 3.1-1 allows local users to execute arbitrary code via a long -m argument. NOTE: CVE disputes this issue because QFTP is not setuid, and it is unlikely that there are web interfaces to QFTP that would accept untrusted command line argumen...

CVE-2007-1485

CVE-2007-1485 describes a buffer overflow in LIBFtp 3.1-1’s QFTP implementation, specifically in the set_umask function, where a long -m argument could allow local code execution. The connected sources corroborate: LIBFtp 3.1-1 is affected, and the overflow is in QFTP’s processing path. The CVE n...

CVE-2007-1485

Buffer overflow in the setumask function in QFTP in LIBFtp 3.1-1 allows local users to execute arbitrary code via a long -m argument. NOTE: CVE disputes this issue because QFTP is not setuid, and it is unlikely that there are web interfaces to QFTP that would accept untrusted command line argumen...