The LIST command routine in GtkFtpd has been reported to be prone to a remotely exploitable buffer overflow vulnerability. The issue is located in the sys_cmd.c source file and is caused by insufficient bounds checking of user-supplied data. A remote attacker may ultimately leverage this issue to influence GtkFtpd program execution flow and have arbitrary attacker-supplied instructions executed in the context of the vulnerable daemon, typically root.
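The missing control is a length check before the client-supplied LIST argument reaches a fixed-size buffer. The following is an added example of that check, not code from GtkFtpd or its sys_cmd.c; the function name `build_list_path`, the buffer size `LIST_PATH_MAX` and the sample paths are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define LIST_PATH_MAX 256   /* assumed size of the handler's fixed buffer */

/* Hypothetical helper: join the session's working directory and the
 * client-supplied LIST argument into dst. Returns 0 on success, -1 if the
 * input is missing, contains CR/LF, or would not fit. Nothing is truncated
 * silently; the caller should answer with an FTP error reply. */
int build_list_path(char *dst, size_t dstsz, const char *cwd, const char *arg)
{
    int n;

    if (dst == NULL || dstsz == 0 || cwd == NULL)
        return -1;
    dst[0] = '\0';
    if (arg == NULL || arg[0] == '\0')
        arg = ".";                       /* bare LIST: list the working directory */
    if (strpbrk(arg, "\r\n") != NULL)    /* reject embedded line breaks */
        return -1;

    /* The unsafe pattern this replaces is an unbounded copy such as
     * sprintf(dst, "%s/%s", cwd, arg) or strcpy/strcat into a fixed buffer. */
    n = snprintf(dst, dstsz, "%s/%s", cwd, arg);

    if (n < 0 || (size_t)n >= dstsz) {   /* encoding error or would not fit */
        dst[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    char path[LIST_PATH_MAX];
    char longarg[1024];

    memset(longarg, 'A', sizeof longarg - 1);   /* constructed oversized argument */
    longarg[sizeof longarg - 1] = '\0';

    printf("normal: %d\n", build_list_path(path, sizeof path, "/home/ftp", "pub"));
    printf("oversized: %d\n", build_list_path(path, sizeof path, "/home/ftp", longarg));
    return 0;
}
```

Rejecting an over-long argument outright, rather than truncating it, keeps the server from listing a path the client did not actually name.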