ftpd before "NetBSD-ftpd 20230930" can leak information about the host filesystem before authentication via an MLSD or MLST command. tnftpd (the portable version of NetBSD ftpd) prior to 20231001 is also vulnerable.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netbsd tnftpd |
||
netbsd ftpd |