FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands.
Max CVSS
5.0
EPSS Score
4.08%
Published
2000-07-07
Updated
2008-09-10
1 vulnerabilities found