5
CVE-2009-4593
- EPSS 0.73%
- Veröffentlicht 07.01.2010 18:30:01
- Zuletzt bearbeitet 09.04.2025 00:30:58
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginThe bftpdutmp_log function in bftpdutmp.c in Bftpd before 2.4 does not place a '\0' character at the end of the string value of the ut.bu_host structure member, which might allow remote attackers to cause a denial of service (daemon crash) via unspecified vectors. NOTE: some of these details are obtained from third party information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Jesse Smith ≫ Bftpd Version <= 2.3
Jesse Smith ≫ Bftpd Version1.6
Jesse Smith ≫ Bftpd Version1.7
Jesse Smith ≫ Bftpd Version1.7.2
Jesse Smith ≫ Bftpd Version1.8
Jesse Smith ≫ Bftpd Version2.0.2
Jesse Smith ≫ Bftpd Version2.0.3
Jesse Smith ≫ Bftpd Version2.1
Jesse Smith ≫ Bftpd Version2.1.1
Jesse Smith ≫ Bftpd Version2.1.2
Jesse Smith ≫ Bftpd Version2.2
Jesse Smith ≫ Bftpd Version2.2.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.73% | 0.703 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|