CVE-2009-4593
Summary
The bftpdutmp_log function in bftpdutmp.c in Bftpd before 2.4 does not place a '\0' character at the end of the string value of the ut.bu_host structure member, which might allow remote attackers to cause a denial of service (daemon crash) via unspecified vectors. NOTE: some of these details are obtained from third party information.
- LOW
- NETWORK
- NONE
- NONE
- NONE
- PARTIAL
References
Advisory Timeline
- Published