Vulnerabilities > CVE-2002-2245 - Numeric Errors vulnerability in Netbsd Ftpd
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contains a carriage return followed by a digit, which can cause firewalls and other intermediary devices to lose proper track of the FTP session.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 |