Jesse Smith » Bftpd » 1.6 : Security Vulnerabilities, CVEs,
The bftpdutmp_log function in bftpdutmp.c in Bftpd before 2.4 does not place a '\0' character at the end of the string value of the ut.bu_host structure member, which might allow remote attackers to cause a denial of service (daemon crash) via unspecified vectors. NOTE: some of these details are obtained from third party information.
Max CVSS
5.0
EPSS Score
0.44%
Published
2010-01-07
Updated
2010-01-08
1 vulnerabilities found