Published: 20/10/2004 Updated: 11/07/2017
CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9
VMScore: 454
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Vulnerability Summary

Multiple signal handler race conditions in lukemftpd (aka tnftpd prior to 20040810) allow remote authenticated attackers to cause a denial of service or execute arbitrary code.

Affected Products

Vendor Product Versions
Luke MewburnLukemftp1.1, 1.5
Luke MewburnTnftpd2003-12-17

Vendor Advisories

Przemyslaw Frasunek discovered a vulnerability in tnftpd or lukemftpd respectively, the enhanced ftp daemon from NetBSD An attacker could utilise this to execute arbitrary code on the server For the stable distribution (woody) this problem has been fixed in version 11-1woody2 For the unstable distribution (sid) this problem has been fixed in ve ...