ProFTPD 1.2.0rc2 log_pri() Format String Vulnerability

A vulnerability exists in ProFTPD's shutdown routine. It has been reported that main_exit(), which is called during shutdown, does not supply sufficient format specifiers for the input it handles. Under certain circumstances, the input passed to the function may contain user-supplied data.

If this format string bug were successfully exploited, an attacker may be able to create a situation in which arbitrary code execution may occur.
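The class of bug described above, shown as an added example that is not ProFTPD source code: a printf-style logging call that receives a message as its format string, next to the corrected call that passes the message as data. The names demo_log, shutdown_log_unsafe and shutdown_log_safe are hypothetical, and the sample message is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical printf-style logger, standing in for any logging routine that
 * takes a format string. The format attribute lets GCC/Clang check call
 * sites; -Wformat-security then warns about the unsafe call below. */
#if defined(__GNUC__)
__attribute__((format(printf, 3, 4)))
#endif
static int demo_log(char *out, size_t outlen, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, outlen, fmt, ap);
    va_end(ap);
    return n;
}

/* Flawed pattern: the message itself is the format string, so every '%'
 * sequence in it is interpreted by the formatter. */
static int shutdown_log_unsafe(char *out, size_t outlen, const char *msg)
{
    return demo_log(out, outlen, msg);
}

/* Corrected pattern: constant format string, message passed as data. */
static int shutdown_log_safe(char *out, size_t outlen, const char *msg)
{
    return demo_log(out, outlen, "%s", msg);
}

int main(void)
{
    /* Constructed sample. "%%" is the only conversion in it and consumes no
     * arguments, so the unsafe call stays well-defined for this input. */
    const char *sample = "transfer 100%% complete";
    char a[64], b[64];

    shutdown_log_unsafe(a, sizeof a, sample);
    shutdown_log_safe(b, sizeof b, sample);
    printf("unsafe: %s\nsafe:   %s\n", a, b);
    return strcmp(a, b) == 0; /* exit status 0: the two outputs differ */
}
```

The unsafe path rewrites the message because the formatter parsed it; the safe path logs it byte for byte, which is the behaviour a fix should restore.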


 

Copyright 2010, SecurityFocus