Vulnerability Description
Double free vulnerability in the getreply function in ftp.c in netkit ftp (netkit-ftp) 0.17 20040614 and later allows remote FTP servers to cause a denial of service (application crash) and possibly have unspecified other impact via some types of FTP protocol behavior. NOTE: the netkit-ftpd issue is covered by CVE-2007-6263.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netkit-Ftp | Netkit Ftp | 0.17 |
Related Weaknesses (CWE)
References
- http://bugs.gentoo.org/show_bug.cgi?id=199206ExploitPatch
- http://cvs.fedora.redhat.com/viewcvs/rpms/ftp/F-8/netkit-ftp-0.17-sigseg.patch?vExploit
- http://marc.info/?l=full-disclosure&m=119704348003382&w=2
- http://www.securityfocus.com/bid/26764
- http://bugs.gentoo.org/show_bug.cgi?id=199206ExploitPatch
- http://cvs.fedora.redhat.com/viewcvs/rpms/ftp/F-8/netkit-ftp-0.17-sigseg.patch?vExploit
- http://marc.info/?l=full-disclosure&m=119704348003382&w=2
- http://www.securityfocus.com/bid/26764
FAQ
What is CVE-2007-5769?
CVE-2007-5769 is a vulnerability with a CVSS score of 10.0 (HIGH). Double free vulnerability in the getreply function in ftp.c in netkit ftp (netkit-ftp) 0.17 20040614 and later allows remote FTP servers to cause a denial of service (application crash) and possibly h...
How severe is CVE-2007-5769?
CVE-2007-5769 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5769?
Check the references section above for vendor advisories and patch information. Affected products include: Netkit-Ftp Netkit Ftp.