"A buffer overflow in ftpd in OpenBSD was reported to the OpenBSD bugs mailing list by Kristian Vlaardingerbroek
on Dec. 4. Apparently, due to the one-byte overrun in the replydirname() function, it is possible to get a remote root
shell. This problem also exists in NetBSD's ftpd." Full details at BSD Today.
December 19, 2000