3 matches found
CVE-2020-6835
CVE-2020-6835 affects Bftpd before 5.4. The vulnerability is a heap-based off-by-one error during file-transfer error checking. The NVD entry lists CVSS v2 base 7.5 (high) and CVSS v3.1 base 9.8 (critical) with Network attack vector, no user interaction required. Red Hat and OpenVAS references re...
CVE-2020-6162
CVE-2020-6162 affects Bftpd 5.3. An out-of-bounds read triggered by an uninitialized value causes the daemon to crash at startup, specifically in the hidegroups_init function in dirlist.c. The available connected documents confirm the vulnerability class (out-of-bounds read) and location, but do ...
CVE-2017-16892
The CVE-2017-16892 entry applies to Bftpd before 4.7, where the file-rename function contains a memory-leak bug. Multiple sources corroborate a memory-leak risk that can lead to denial of service; CVSS data shows a high impact for the 3.0 vector (HIGH availability impact) and medium base score (5...