VULHUB ™

Multiple remote vulnerabilities reportedly affect Rosiello Security's rftpd. These issues are due to buffer mismanagement and failures to handle certain network data. The first issue is a failure of the application to properly implement an authentication scheme. Multiple information leaks reportedly affects the application due to a failure to properly NULL terminate strings created with the 'strncpy()' function. Multiple remote buffer overflows are reported to affect various commands of the affected server application. A local buffer overflow exists in the processing of the Message Of The Day (MOTD) file. Finally, the affected application is affected by an access validation vulnerability. These issues may be exploited to gain unauthorized access to the FTP server, reveal potentially sensitive memory, trigger a denial of service condition, bypass file and directory permissions, and execute arbitrary code with the privilege of the affected server process.

Multiple remote vulnerabilities reportedly affect Rosiello Security's rftpd. These issues are due to buffer mismanagement and failures to handle certain network data. The first issue is a failure of the application to properly implement an authentication scheme. Multiple information leaks reportedly affects the application due to a failure to properly NULL terminate strings created with the 'strncpy()' function. Multiple remote buffer overflows are reported to affect various commands of the affected server application. A local buffer overflow exists in the processing of the Message Of The Day (MOTD) file. Finally, the affected application is affected by an access validation vulnerability. These issues may be exploited to gain unauthorized access to the FTP server, reveal potentially sensitive memory, trigger a denial of service condition, bypass file and directory permissions, and execute arbitrary code with the privilege of the affected server process.