Bug 23352

Summary: [SECURITY] buffer overflow in opieftpd
Product: Base System Reporter: Przemyslaw Frasunek <venglin>
Component: binAssignee: freebsd-bugs (Nobody) <bugs>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: 4.2-STABLE   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
file.diff none

Description Przemyslaw Frasunek 2000-12-07 11:20:01 UTC 
	ftpd_popen() from opieftpd contains buffer overflow. opieftpd is not
	compiled by default.

How-To-Repeat: 
	N/A
Comment 1 des 2000-12-07 11:54:15 UTC 
venglin@freebsd.lublin.pl writes:
> 	ftpd_popen() from opieftpd contains buffer overflow. opieftpd is not
> 	compiled by default.

While you're there, you might want to rewrite ftpd_popen() (both in
opieftpd and regular ftpd - they should be identical, or at least very
similar) so that it takes a list of arguments instead of a single
string which it breaks into arguments.

DES
-- 
Dag-Erling Smorgrav - des@ofug.org
Comment 2 Kris Kennaway freebsd_committer freebsd_triage 2003-07-13 06:57:39 UTC 
State Changed
From-To: open->closed

Patch committed, thanks.