CVE-2004-2523
OpenFTPD affected: OpenFTPD 0.30.2 and earlier. The vulnerability is a format string flaw in the SITE MSG command’s msg.c (cat_message) that lets remote authenticated users execute arbitrary code via format specifiers in the message argument. This is a remote code execution risk with authenticati...