Format String Vulnerability in FTP Servers

Format String Vulnerability in FTP Servers

CVE-2000-0574 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands.

Learn more about our Cis Benchmark Audit For Server Software.