FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-29 10:45:39 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID Description

VuXML ID	Description
ef410571-a541-11d9-a788-0001020eed82	wu-ftpd -- remote globbing DoS vulnerability An iDEFENSE Security Advisory reports: Remote exploitation of an input validation vulnerability in version 2.6.2 of WU-FPTD could allow for a denial of service of the system by resource exhaustion. The vulnerability specifically exists in the `wu_fnmatch()` function in wu_fnmatch.c. When a pattern containing a '' character is supplied as input, the function calls itself recursively on a smaller substring. By supplying a string which contains a large number of '' characters, the system will take a long time to return the results, during which time it will be using a large amount of CPU time. Discovery 2005-02-05 Entry 2005-04-04 wu-ftpd < 2.6.2_6 wu-ftpd+ipv6 < 2.6.2_7 CVE-2005-0256 http://marc.theaimsgroup.com/?l=bugtraq&m=110935886414939

ef410571-a541-11d9-a788-0001020eed82

wu-ftpd -- remote globbing DoS vulnerability

An iDEFENSE Security Advisory reports:

Remote exploitation of an input validation vulnerability in version 2.6.2 of WU-FPTD could allow for a denial of service of the system by resource exhaustion.

The vulnerability specifically exists in the wu_fnmatch() function in wu_fnmatch.c. When a pattern containing a '*' character is supplied as input, the function calls itself recursively on a smaller substring. By supplying a string which contains a large number of '*' characters, the system will take a long time to return the results, during which time it will be using a large amount of CPU time.

Discovery 2005-02-05
Entry 2005-04-04
wu-ftpd

< 2.6.2_6

wu-ftpd+ipv6

< 2.6.2_7

CVE-2005-0256
http://marc.theaimsgroup.com/?l=bugtraq&m=110935886414939