FreeBSD Ports: Tnftpd Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://cvsweb.netbsd.org/bsdweb.cgi/src/libexec/ftpd/ftpd.c#rev1.158 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-009.txt.asc http://lists.netsys.com/pipermail/full-disclosure/2004-August/025418.html http://www.vuxml.org/freebsd/c4b025bb-f05d-11d8-9837-000c41e2cdad.html

Insight

The following packages are affected: tnftpd lukemftpd CVE-2004-0794 Multiple signal handler race conditions in lukemftpd (aka tnftpd before 20040810) allow remote authenticated attackers to cause a denial of service or execute arbitrary code.

Severity

Classification

CVE CVE-2004-0794

CVSS	Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P

Related Vulnerabilities

FreeBSD Ports: apache
FreeBSD Ports: apache
FreeBSD Ports: ap20-mod_pubcookie
FreeBSD Ports: acroread7, ja-acroread
FreeBSD Ports: cabextract

FreeBSD Ports: tnftpd

Take action and discover your vulnerabilities