Vigil@nce: FreeBSD, NetBSD, OpenBSD, denial of service of ftpd

March 2010 by Vigil@nce

SYNTHESIS OF THE VULNERABILITY

An attacker can use the LIST command to force ftpd to dereference
a NULL pointer, which stops the daemon.

Severity: 2/4

Consequences: denial of service

Provenance: internet client

Means of attack: 1 attack

Ability of attacker: technician (2/4)

Confidence: confirmed by the editor (5/5)

Diffusion of the vulnerable configuration: high (3/3)

Creation date: 08/03/2010

IMPACTED PRODUCTS

 FreeBSD
 NetBSD
 OpenBSD

DESCRIPTION OF THE VULNERABILITY

The glob() function is used to obtain the list of files matching a
searched pattern (for example "*.txt").

The ftpd daemon handles the FTP LIST command with glob(). For
example, an FTP client user can run:
ls *.txt

When the pattern is very complex, the glob() function returns
no entry. However, ftpd does not check for this case, and
dereferences a NULL pointer.

An attacker can therefore use the LIST command to force ftpd to
dereference a NULL pointer, which stops the daemon.
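
The missing check described above can be sketched as follows. This is an added example, not code from the FreeBSD, NetBSD or OpenBSD ftpd; the helper name first_match() and the sample patterns are assumptions made for illustration.

```c
#include <glob.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not ftpd's code): expand `pattern` and copy the
 * first match into `out`. Returns the number of matches, 0 when nothing
 * matched, -1 on a glob() failure or an unusable output buffer.
 * gl_pathv is only read after it has been validated. */
int first_match(const char *pattern, char *out, size_t outlen)
{
    glob_t gl;
    int rc, n;

    if (out == NULL || outlen == 0)
        return -1;
    out[0] = '\0';
    memset(&gl, 0, sizeof gl);      /* gl_pathv starts as NULL */

    rc = glob(pattern, 0, NULL, &gl);
    if (rc != 0) {                  /* GLOB_NOMATCH, GLOB_NOSPACE, GLOB_ABORTED */
        globfree(&gl);
        return rc == GLOB_NOMATCH ? 0 : -1;
    }

    /* A zero return code is not enough on its own: confirm that the
     * vector and its first entry exist before dereferencing them. */
    if (gl.gl_pathc == 0 || gl.gl_pathv == NULL || gl.gl_pathv[0] == NULL) {
        globfree(&gl);
        return 0;
    }

    snprintf(out, outlen, "%s", gl.gl_pathv[0]);
    n = (int)gl.gl_pathc;
    globfree(&gl);
    return n;
}

int main(void)
{
    char buf[256];
    /* Constructed sample patterns: one that matches, one that cannot. */
    const char *patterns[] = { "/*", "/constructed-missing-dir-9501/*.txt" };

    for (size_t i = 0; i < sizeof patterns / sizeof patterns[0]; i++) {
        int n = first_match(patterns[i], buf, sizeof buf);
        printf("%-40s -> %d match(es), first: \"%s\"\n", patterns[i], n, buf);
    }
    return 0;
}
```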

CHARACTERISTICS

Identifiers: BID-38559, VIGILANCE-VUL-9501

http://vigilance.fr/vulnerability/FreeBSD-NetBSD-OpenBSD-denial-of-service-of-ftpd-9501

