CVE-2009-4593

CVE-2009-4593 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The bftpdutmp_log function in bftpdutmp.c in Bftpd before 2.4 does not place a '\0' character at the end of the string value of the ut.bu_host structure member, which might allow remote attackers to cause a denial of service (daemon crash) via unspecified vectors. NOTE: some of these details are obtained from third party information.

Learn more about our Web Application Penetration Testing UK.