Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

FTPD glob Heap Corruption

Severity

Critical

Family

FTP

CVSSv2 Base

10.0

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Solution Type

Vendor Patch

Created

17 years ago

Modified

4 years ago

The FTPD glob vulnerability manifests itself in handling of the glob command. The problem is not a typical buffer overflow or format string vulnerability, but a combination of two bugs: an implementation of the glob command that does not properly return an error condition when interpreting the string ~' + bracket + ', and then frees memory which may contain user supplied data. This vulnerability is potentially exploitable by any user who is able to log in to a vulnerable server, including users with anonymous access. If successful, an attacker may be able to execute arbitrary code with the privileges of FTPD, typically root.

Solution

Contact your vendor for a fix.

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

FTPD glob Heap Corruption

Severity

Family

CVSSv2 Base

CVSSv2 Vector

Solution Type

Created

Modified

Share

Solution

Common Vulnerabilities and Exposures (CVE)

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

FTPD glob Heap Corruption

Information

Severity

Severity

Family

Family

CVSSv2 Base

CVSSv2 Base

CVSSv2 Vector

CVSSv2 Vector

Solution Type

Solution Type

Created

Created

Modified

Modified

Share

Summary

Solution

Solution

Common Vulnerabilities and Exposures (CVE)