Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for ftpd by openbsd

    CVE-2000-0574 (GCVE-0-2000-0574)

    Vulnerability from cvelistv5 – Published: 2000-07-19 04:00 – Updated: 2024-08-08 05:21
    VLAI
    Summary
    FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/1425 vdb-entryx_refsource_BID
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/1438 vdb-entryx_refsource_BID
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/adv… vendor-advisoryx_refsource_NETBSD
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    http://www.cert.org/advisories/CA-2000-13.html third-party-advisoryx_refsource_CERT
    Date Public
    2000-07-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T05:21:31.195Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1425",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1425"
              },
              {
                "name": "20000710 opieftpd setproctitle() patches",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0121.html"
              },
              {
                "name": "1438",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1438"
              },
              {
                "name": "20000706 ftpd and setproctitle()",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0061.html"
              },
              {
                "name": "NetBSD-SA2000-009",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_NETBSD",
                  "x_transferred"
                ],
                "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-009.txt.asc"
              },
              {
                "name": "20000705 proftp advisory",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0031.html"
              },
              {
                "name": "CA-2000-13",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.cert.org/advisories/CA-2000-13.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2000-07-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2003-03-21T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1425",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1425"
            },
            {
              "name": "20000710 opieftpd setproctitle() patches",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0121.html"
            },
            {
              "name": "1438",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1438"
            },
            {
              "name": "20000706 ftpd and setproctitle()",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0061.html"
            },
            {
              "name": "NetBSD-SA2000-009",
              "tags": [
                "vendor-advisory",
                "x_refsource_NETBSD"
              ],
              "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-009.txt.asc"
            },
            {
              "name": "20000705 proftp advisory",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0031.html"
            },
            {
              "name": "CA-2000-13",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.cert.org/advisories/CA-2000-13.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2000-0574",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1425",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1425"
                },
                {
                  "name": "20000710 opieftpd setproctitle() patches",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0121.html"
                },
                {
                  "name": "1438",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1438"
                },
                {
                  "name": "20000706 ftpd and setproctitle()",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0061.html"
                },
                {
                  "name": "NetBSD-SA2000-009",
                  "refsource": "NETBSD",
                  "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-009.txt.asc"
                },
                {
                  "name": "20000705 proftp advisory",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0031.html"
                },
                {
                  "name": "CA-2000-13",
                  "refsource": "CERT",
                  "url": "http://www.cert.org/advisories/CA-2000-13.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2000-0574",
        "datePublished": "2000-07-19T04:00:00.000Z",
        "dateReserved": "2000-07-19T00:00:00.000Z",
        "dateUpdated": "2024-08-08T05:21:31.195Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2000-0574 (GCVE-0-2000-0574)

    Vulnerability from nvd – Published: 2000-07-19 04:00 – Updated: 2024-08-08 05:21
    VLAI
    Summary
    FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/1425 vdb-entryx_refsource_BID
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/1438 vdb-entryx_refsource_BID
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/adv… vendor-advisoryx_refsource_NETBSD
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    http://www.cert.org/advisories/CA-2000-13.html third-party-advisoryx_refsource_CERT
    Date Public
    2000-07-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T05:21:31.195Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1425",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1425"
              },
              {
                "name": "20000710 opieftpd setproctitle() patches",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0121.html"
              },
              {
                "name": "1438",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1438"
              },
              {
                "name": "20000706 ftpd and setproctitle()",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0061.html"
              },
              {
                "name": "NetBSD-SA2000-009",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_NETBSD",
                  "x_transferred"
                ],
                "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-009.txt.asc"
              },
              {
                "name": "20000705 proftp advisory",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0031.html"
              },
              {
                "name": "CA-2000-13",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.cert.org/advisories/CA-2000-13.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2000-07-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2003-03-21T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1425",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1425"
            },
            {
              "name": "20000710 opieftpd setproctitle() patches",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0121.html"
            },
            {
              "name": "1438",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1438"
            },
            {
              "name": "20000706 ftpd and setproctitle()",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0061.html"
            },
            {
              "name": "NetBSD-SA2000-009",
              "tags": [
                "vendor-advisory",
                "x_refsource_NETBSD"
              ],
              "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-009.txt.asc"
            },
            {
              "name": "20000705 proftp advisory",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0031.html"
            },
            {
              "name": "CA-2000-13",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.cert.org/advisories/CA-2000-13.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2000-0574",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1425",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1425"
                },
                {
                  "name": "20000710 opieftpd setproctitle() patches",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0121.html"
                },
                {
                  "name": "1438",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1438"
                },
                {
                  "name": "20000706 ftpd and setproctitle()",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0061.html"
                },
                {
                  "name": "NetBSD-SA2000-009",
                  "refsource": "NETBSD",
                  "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-009.txt.asc"
                },
                {
                  "name": "20000705 proftp advisory",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0031.html"
                },
                {
                  "name": "CA-2000-13",
                  "refsource": "CERT",
                  "url": "http://www.cert.org/advisories/CA-2000-13.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2000-0574",
        "datePublished": "2000-07-19T04:00:00.000Z",
        "dateReserved": "2000-07-19T00:00:00.000Z",
        "dateUpdated": "2024-08-08T05:21:31.195Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }