Vulnerabilities > CVE-2023-22551 - Unspecified vulnerability in FTP Project FTP

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

ftp-project

NVD

Published: 2023-01-01

Updated: 2023-01-10

Summary

The FTP (aka "Implementation of a simple FTP client and server") project through 96c1a35 allows remote attackers to cause a denial of service (memory consumption) by engaging in client activity, such as establishing and then terminating a connection. This occurs because malloc is used but free is not.

Vulnerable Configurations

Part	Description	Count
Application	Ftp_Project FTP Project FTP *	1

References

https://github.com/rovinbhandari/FTP/issues/8