Invia #673133: bftpd Project bftpd FTP Server 6.2 Heap-based Buffer Overflowinformazioni

Titolobftpd Project bftpd FTP Server 6.2 Heap-based Buffer Overflow
DescrizioneA heap buffer overflow vulnerability exists in bftpd ≤ 6.2 within the `expand_groups()` function (options.c). The function appends a comma to a buffer allocated via `strdup()`, causing a 2-byte heap overflow. The issue can be triggered during processing of user commands when group definitions are parsed from a crafted configuration file, leading to process crash and potential code execution.
Fonte⚠️ https://shimo.im/docs/rp3OMVMZZXc9lvkm/
Utente
 zh_vul (UID 91488)
Sottomissione11/10/2025 05:20 (8 mesi fa)
Moderazione19/10/2025 05:06 (8 days later)
StatoAccettato
Voce VulDB329027 [bftpd fino a 6.2 Configuration File options.c expand_groups buffer overflow]
Punti20

PrecedenteVisione D'ensembleIl prossimo

Interested in the pricing of exploits?

See the underground prices here!