FreeBSD And OpenBSD 'ftpd' NULL Pointer Dereference Denial Of Service Vulnerability Network Vulnerability

Summary

The FreeBSD and OpenBSD 'ftpd' service is prone to a denial-of-service vulnerability because of a NULL-pointer dereference. Successful exploits may allow remote attackers to cause denial-of- service conditions. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed. This issue affects the following releases: FreeBSD 8.0, 6.3, 4.9 OpenBSD 4.5 and 4.6

Solution

Updates are available please see the references for more information.

References

http://www.freebsd.org/
http://www.openbsd.org
http://www.openbsd.org/errata45.html
http://www.openbsd.org/errata46.html
http://www.securityfocus.com/bid/38559

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C

Related Vulnerabilities

FFFTP LIST Command Directory Traversal Vulnerability
AceFTP LIST Command Directory Traversal Vulnerability
Null FTP Server SITE Command Execution Vulnerability
EFTP tells if a given file exists
httpdx 'MKD' Command Directory Traversal Vulnerability

FreeBSD and OpenBSD 'ftpd' NULL Pointer Dereference Denial Of Service Vulnerability

Take action and discover your vulnerabilities