Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and previous versions, as used on FreeBSD 6.4 up to and including 8.1-PRERELEASE and other platforms, allows remote malicious users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long username, as demonstrated by a long USER command to the FreeBSD 8.0 ftpd.
Vulnerable Product |
---|
freebsd freebsd 6.4 |
freebsd freebsd 7.0 |
freebsd freebsd 7.0_beta4 |
freebsd freebsd 7.1 |
freebsd freebsd 6 |
freebsd freebsd 7.2 |
freebsd freebsd 7.0_releng |
freebsd freebsd 7.0-release |
freebsd freebsd 8.0 |
freebsd freebsd 8.1-prerelease |
nrl opie 2.32 |
nrl opie 2.11 |
nrl opie 2.10 |
nrl opie 2.3 |
nrl opie 2.22 |
nrl opie 2.4 |
nrl opie |
nrl opie 2.21 |
nrl opie 2.2 |