Debian Security Advisory DSA 473-1 (oftpd) Network Vulnerability

Summary

The remote host is missing an update to oftpd announced via advisory DSA 473-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20473-1

Insight

A vulnerability was discovered in oftpd, an anonymous FTP server, whereby a remote attacker could cause the oftpd process to crash by specifying a large value in a PORT command. For the stable distribution (woody) this problem has been fixed in version 0.3.6-6. For the unstable distribution (sid) these problems have been fixed in version 20040304-1. We recommend that you update your oftpd package.

Severity

Classification

CVE CVE-2004-0376

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1027-1 (mailman)
Debian Security Advisory DSA 004-1 (nano)
Debian Security Advisory DSA 1135-1 (libtunepimp)
Debian Security Advisory DSA 067-1 (apache,apache-ssl)
Debian Security Advisory DSA 1055-1 (mozilla-firefox)

Take action and discover your vulnerabilities