CVE-2023-51713

Severity CVSS v4.0:
Pending analysis
Type:
CWE-125 Out-of-bounds Read
Publication date:
22/12/2023
Last modified:
08/01/2024

Description

make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:proftpd:proftpd:*:*:*:*:*:*:*:* 1.3.8a (excluding)