Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
bftpd Configuration File options.c expand_groups heap-based overflow
Vulnerability Description
A weakness has been identified in bftpd up to 6.2. Impacted is the function expand_groups of the file options.c of the component Configuration File Handler. Executing a manipulation can lead to heap-based buffer overflow. It is possible to launch the attack on the local host. Attacks of this nature are highly complex. The exploitability is considered difficult. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
bftpd 安全漏洞
Vulnerability Description
Bftpd是一款FTP(文件传输协议)服务器。 bftpd 6.2及之前版本存在安全漏洞,该漏洞源于组件Configuration File Handler的文件options.c中函数expand_groups存在堆缓冲区溢出,可能导致本地主机攻击。
CVSS Information
N/A
Vulnerability Type
N/A