December 19, 2000

Possible NetBSD and OpenBSD ftpd exploit

Author: JT Smith

"A buffer overflow in ftpd in OpenBSD was reported to the OpenBSD bugs mailing list by Kristian Vlaardingerbroek
on Dec. 4. Apparently, due to the one-byte overrun in the replydirname() function, it is possible to get a remote root
shell. This problem also exists in NetBSD's ftpd." Full details at BSD Today.


  • Linux
Click Here!