CyberSec.Space Logo
CVEブラウザに戻る

CVE-2020-9365

HIGH
7.5
CVSS Severity Score
EPSS Score0.1090%
EPSS Percentile7.09th
Published2020年2月24日
Last Modified2024年11月21日

Vulnerability Description

An issue was discovered in Pure-FTPd 1.0.49. An out-of-bounds (OOB) read has been detected in the pure_strcmp function in utils.c.

Affected Platforms (CPE)

📦
Pureftpd

Pure Ftpd

= 1.0.49
💻
Fedoraproject

Fedora

= 30
💻
Fedoraproject

Fedora

= 31
💻
Fedoraproject

Fedora

= 32

References & Advisories

🔗 https://github.com/jedisct1/pure-ftpd/commit/36c6d268cb190282a2c17106acfd31863121b58e
🔗 https://github.com/jedisct1/pure-ftpd/commit/bf6fcd4935e95128cf22af5924cdc8fe5c0579da
🔗 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22P44PECZWNDP7CMBL7NRBMNFS73C5Z2/
🔗 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B5NSUDWXZVWUCL6R2PTX3KBB42Z62CA5/
🔗 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U5DBVHJCXWRSJPNJQCJQCKZF6ZDPZCKA/
🔗 https://security.gentoo.org/glsa/202003-54
🔗 https://github.com/jedisct1/pure-ftpd/commit/36c6d268cb190282a2c17106acfd31863121b58e
🔗 https://github.com/jedisct1/pure-ftpd/commit/bf6fcd4935e95128cf22af5924cdc8fe5c0579da

関連する脆弱性情報

CVE-2017-121709.8

Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configur...

CVE-2020-92747.5

An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked lis...

CVE-2020-353597.5

Pure-FTPd 1.0.48 allows remote attackers to prevent legitimate server use by making enough connections to exceed the connection li...

CVE-2019-201767.5

In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the listdir function in ls.c.