Back to search
CVE-2000-0574
Published: Jul 19, 2000
Modified: Aug 8, 2024
PUBLISHED
Description
FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1425
vdb-entry
x_refsource_BID
20000710 opieftpd setproctitle() patches
mailing-list
x_refsource_BUGTRAQ
1438
vdb-entry
x_refsource_BID
20000706 ftpd and setproctitle()
mailing-list
x_refsource_BUGTRAQ
20000705 proftp advisory
mailing-list
x_refsource_BUGTRAQ
CA-2000-13
third-party-advisory
x_refsource_CERT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now