VULHUB ™

It has been discovered that NetBSD fails to escape non-response digits present in ftp requests. By passing a maliciously constructed FTP request containing an unescaped non-response digit, it may be possible to corrupt a firewalls stateful inspection of FTP traffic. Though not confirmed, exploitation of this vulnerability may expose vulnerable services to attackers.

It has been discovered that NetBSD fails to escape non-response digits present in ftp requests. By passing a maliciously constructed FTP request containing an unescaped non-response digit, it may be possible to corrupt a firewalls stateful inspection of FTP traffic. Though not confirmed, exploitation of this vulnerability may expose vulnerable services to attackers.