uftpd up to 2.10 ftpcmd.c handle_PORT stack-based overflow


A vulnerability was found in uftpd up to 2.10 (File Transfer Software) and classified as critical. This issue affects the function handle_PORT of the file ftpcmd.c. Upgrading to version 2.11 eliminates this vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

| ID | Committed | User | Field | Change | Remarks | Moderated | Reason | C |
|---|---|---|---|---|---|---|---|---|
| 9704788 | 01/07/2020 | VulD... | cve_nvd_summary | In uftpd before 2.11, there is a buffer overflow vulnerability in handle_PORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf() with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses (len('255.255.255.255') == 16), but the format specifier %d allows more than 3 digits. This has been fixed in version 2.11 | mitre.org | 01/07/2020 | accepted | 100 |
| 9704787 | 01/07/2020 | VulD... | cve_assigned | 1577923200 | mitre.org | 01/07/2020 | accepted | 100 |
| 9704779 | 01/07/2020 | VulD... | cvss3_nvd_a | L | nist.gov | 01/07/2020 | accepted | 100 |
| 9704778 | 01/07/2020 | VulD... | cvss3_nvd_i | L | nist.gov | 01/07/2020 | accepted | 100 |
| 9704777 | 01/07/2020 | VulD... | cvss3_nvd_c | L | nist.gov | 01/07/2020 | accepted | 100 |
| 9704776 | 01/07/2020 | VulD... | cvss3_nvd_s | C | nist.gov | 01/07/2020 | accepted | 100 |
| 9704775 | 01/07/2020 | VulD... | cvss3_nvd_ui | R | nist.gov | 01/07/2020 | accepted | 100 |
| 9704774 | 01/07/2020 | VulD... | cvss3_nvd_pr | L | nist.gov | 01/07/2020 | accepted | 100 |
| 9704773 | 01/07/2020 | VulD... | cvss3_nvd_ac | L | nist.gov | 01/07/2020 | accepted | 100 |
| 9704772 | 01/07/2020 | VulD... | cvss3_nvd_av | N | nist.gov | 01/07/2020 | accepted | 100 |
| 9704750 | 01/07/2020 | VulD... | cwe | 121 (memory corruption) | | 01/07/2020 | accepted | 100 |
| 9704745 | 01/07/2020 | VulD... | type | File Transfer Software | | 01/07/2020 | accepted | 100 |
| 9704795 | 01/07/2020 | VulD... | cvss3_nvd_basescore | 6.5 | nist.gov | 01/07/2020 | accepted | 90 |
| 9704794 | 01/07/2020 | VulD... | cvss3_vuldb_rc | U | | 01/07/2020 | accepted | 90 |
| 9704793 | 01/07/2020 | VulD... | cvss3_vuldb_rl | O | | 01/07/2020 | accepted | 90 |
| 9704792 | 01/07/2020 | VulD... | cvss3_vuldb_e | X | | 01/07/2020 | accepted | 90 |
| 9704791 | 01/07/2020 | VulD... | cvss2_vuldb_rc | UC | | 01/07/2020 | accepted | 90 |
| 9704790 | 01/07/2020 | VulD... | cvss2_vuldb_rl | OF | | 01/07/2020 | accepted | 90 |
| 9704789 | 01/07/2020 | VulD... | cvss2_vuldb_e | ND | | 01/07/2020 | accepted | 90 |
| 9704786 | 01/07/2020 | VulD... | cve | CVE-2020-5204 | mitre.org | 01/07/2020 | accepted | 100 |
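
The sizing problem in the cve_nvd_summary entry, as an added example (not uftpd's code and not its 2.11 patch): it measures what %d.%d.%d.%d can produce and shows a PORT argument parser that restricts each field to an octet before a bounded write. The names dotted_quad_size, parse_port_arg and ADDR_LEN are hypothetical, the argument is assumed to arrive with CRLF already stripped, and the inputs are constructed samples.

```c
#include <stdio.h>
#include <stdlib.h>

#define ADDR_LEN 16 /* destination size given in the summary */

/* Bytes, including the NUL, that "%d.%d.%d.%d" produces for these values.
 * snprintf(NULL, 0, ...) only measures; it writes nothing. */
size_t dotted_quad_size(int a, int b, int c, int d)
{
    int n = snprintf(NULL, 0, "%d.%d.%d.%d", a, b, c, d);
    return n < 0 ? 0 : (size_t)n + 1;
}

/* Parse a PORT argument "h1,h2,h3,h4,p1,p2" (RFC 959), already stripped of
 * CRLF. Every field must be a plain decimal octet, so the formatted address
 * can never exceed 15 characters. Returns 0 on success, -1 on rejection. */
int parse_port_arg(const char *arg, char *addr, size_t addrlen, int *port)
{
    long v[6];
    const char *p = arg;

    for (int i = 0; i < 6; i++) {
        char *end;
        if (*p < '0' || *p > '9')
            return -1;                 /* no sign, space or empty field */
        v[i] = strtol(p, &end, 10);
        if (v[i] > 255)
            return -1;                 /* also catches strtol overflow */
        if (*end != (i < 5 ? ',' : '\0'))
            return -1;                 /* wrong separator or trailing data */
        p = end + 1;
    }
    /* Bounded write as a second line of defence; truncation is an error. */
    int n = snprintf(addr, addrlen, "%ld.%ld.%ld.%ld", v[0], v[1], v[2], v[3]);
    if (n < 0 || (size_t)n >= addrlen)
        return -1;
    *port = (int)(v[4] * 256 + v[5]);
    return 0;
}

int main(void)
{
    char addr[ADDR_LEN];
    int port;
    /* Constructed sample inputs. */
    printf("%zu\n", dotted_quad_size(1000, 1000, 1000, 1000));
    printf("%d\n", parse_port_arg("192,168,1,20,4,1", addr, sizeof addr, &port));
    return 0;
}
```

The longest valid dotted quad is 15 characters plus the terminating NUL, so range-checking the fields is what keeps a 16-byte destination sufficient; the bounded snprintf() only guards against a later change breaking that assumption.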
