An esoteric buffer overflow bug in OpenBSD has been upgraded in importance after it was discovered that, under certain conditions, it could allow a cracker to gain remote access to a server. Users are advised to apply a patch to fix the one-byte buffer overflow vulnerability present in an OpenBSD service called ftpd(8). The issue particularly affects non-anonymous FTP (File Transfer Protocol) servers, and administrators of these services are also being encouraged to use more secure transport mechanisms.

For a system to be vulnerable, ftpd must have been enabled by the administrator, because OpenBSD ships with the service turned off by default, though it is a frequently used service.

The link for this article located at The Register is no longer available.
