2 matches found
CVE-2020-6835
CVE-2020-6835 affects Bftpd before 5.4. The vulnerability is a heap-based off-by-one error during file-transfer error checking. The NVD entry lists CVSS v2 base 7.5 (high) and CVSS v3.1 base 9.8 (critical) with Network attack vector, no user interaction required. Red Hat and OpenVAS references re...
CVE-2017-16892
The CVE-2017-16892 entry applies to Bftpd before 4.7, where the file-rename function contains a memory-leak bug. Multiple sources corroborate a memory-leak risk that can lead to denial of service; CVSS data shows a high impact for the 3.0 vector (HIGH availability impact) and medium base score (5...