CVE-2020-5204 MEDIUM

CVE-2020-5204: Buffer overflow vulnerability in uftpd

Vendor Troglobit
Product uftpd
Weakness CWE-121
Published January 6, 2020
Last update August 4, 2024

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

What the vulnerability does

01Description

In uftpd before 2.11, there is a buffer overflow vulnerability in handle_PORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf() with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses (len('255.255.255.255') == 16), but the format specifier %d allows more than 3 digits. This has been fixed in version 2.11

Key dates

02Disclosure timeline

January 6, 2020 CVE published
August 4, 2024 Record updated