CVE-2010-1938
Published: May 28, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long username, as demonstrated by a long USER command to the FreeBSD 8.0 ftpd.
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | affected n/a |
References
| Reference | Tags |
|---|---|
| http://blog.pi3.com.pl/?p=111 | x_refsource_MISC |
| 7450 | third-party-advisory, x_refsource_SREASON |
| 40403 | vdb-entry, x_refsource_BID |
| http://site.pi3.com.pl/adv/libopie-adv.txt | x_refsource_MISC |
| 1024040 | vdb-entry, x_refsource_SECTRACK |
| DSA-2281 | vendor-advisory, x_refsource_DEBIAN |
| FreeBSD-SA-10:05 | vendor-advisory, x_refsource_FREEBSD |
| 39966 | third-party-advisory, x_refsource_SECUNIA |
| 12762 | exploit, x_refsource_EXPLOIT-DB |
| 20100527 libopie __readrec() off-by one (FreeBSD ftpd remote PoC) | third-party-advisory, x_refsource_SREASONRES |
| 1025709 | vdb-entry, x_refsource_SECTRACK |
| http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584932 | x_refsource_CONFIRM |
| 39963 | third-party-advisory, x_refsource_SECUNIA |
| 45136 | third-party-advisory, x_refsource_SECUNIA |