Remote Denial of Service Vulnerability in FreeBSD ftpd Service
CVE-2010-4816

7.5HIGH

Key Information:

Vendor
OpenBSD
Status
FreeBSD And OpenBSD Ftpd Service
Vendor
CVE Published:
22 June 2021

Summary

A null pointer dereference vulnerability exists in the ftpd service of FreeBSD and OpenBSD that could allow an attacker to trigger a remote denial of service. This vulnerability affects various versions of FreeBSD including 8.0, 6.3, and 4.9, as well as OpenBSD 4.6. Exploiting this flaw can lead to the unavailability of the ftpd service, compromising the security posture of affected systems.

Affected Version(s)

FreeBSD and OpenBSD ftpd service FreeBSD 8.0, 6.3 and 4.9, OpenBSD 4.6

References

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=144761
x_refsource_MISC
https://seclists.org/fulldisclosure/2010/Mar/117
x_refsource_MISC
https://seclists.org/oss-sec/2011/q3/284
x_refsource_MISC

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.