oss-sec mailing list archives

Re: Several out of bounds reads in ProFTPD


From: Moritz Mühlenhoff <jmm () inutil org>
Date: Fri, 11 Mar 2016 22:22:40 +0100

On Fri, Mar 11, 2016 at 05:25:15PM +0100, Hanno Böck wrote:
> https://blog.fuzzing-project.org/40-Several-out-of-bounds-reads-in-ProFTPD.html
>
> The latest releases of ProFTPD 1.3.5a and 1.3.6rc2 fix several out of
> bounds read issues. I discovered these issues by running the test suite
> with Address Sanitizer enabled.

Can you elaborate on the impact? Do any of these allow a user to crash the ftpd or
can the user merely terminate her own FTP session?

Cheers,
        Moritz

