GuildFTPd 0.999.14, and possibly other versions, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the CWD and LIST commands, which triggers heap corruption related to an improper free call, and possibly triggering a heap-based buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
guildftpd guildftpd 0.999.14 |