2 matches found
CVE-2023-45198
CVE-2023-45198 affects ftpd before NetBSD-ftpd 20230930 and tnftpd before 20231001, enabling leakage of host filesystem information prior to authentication via MLSD/MLST. Red Hat/EUVD entries corroborate the issue. Remediation is to upgrade to NetBSD-ftpd 20231001 or later (or apply equivalent ve...
CVE-2002-2245
NetBSD ftpd is affected on versions 1.5 through 1.5.3 and 1.6. The issue arises because the FTP server does not properly quote a digit in the response to a STAT command for a filename containing a carriage return followed by a digit, which can cause firewalls and other intermediary devices to los...