Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Gentoo: GLSA-200403-08 Moderate: oftpd Denial of Service

gentoo
Calendar Grey March 29, 2004
Dist Gentoo Esm H88
A remote denial-of-service vulnerability exists in Gentoo's oftpd service. To mitigate potential threats, please upgrade immediately. For further information, consult GLSA 200403-08.
A remotely-exploitable overflow exists in oftpd, allowing an attacker to crash the oftpd daemon.

Summary

Gentoo Linux Security Advisory GLSA 200403-08 https://security.gentoo.org/ Severity: Normal Title: oftpd DoS vulnerability Date: March 29, 2004 Bugs: #45738 ID: 200403-08

Synopsis ======= A remotely-exploitable overflow exists in oftpd, allowing an attacker to crash the oftpd daemon.
Background ========= Quote from "oftpd is designed to be as secure as an anonymous FTP server can possibly be. It runs as non-root for most of the time, and uses the Unix chroot() command to hide most of the systems directories from external users - they cannot change into them even if the server is totally compromised! It contains its own directory change code, so that it can run efficiently as a threaded server, and its own directory listing code (most FTP servers execute the system "ls" command to list files)."
Affected packages ================ ------------------------------------------------------...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround