Oval Definition:
oval:org.opensuse.security:def:202014149
Revision Date
:
2021-06-25
Version
:
1
Title
:
CVE-2020-14149
Description
:
In uftpd before 2.12, handle_CWD in ftpcmd.c mishandled the path provided by the user, causing a NULL pointer dereference and denial of service, as demonstrated by a CWD /.. command.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
CVE-2020-14149
openSUSE-SU-2020:0865-1
Mitre CVE-2020-14149
SUSE CVE-2020-14149
openSUSE-SU-2020:0865-1
Platform(s)
:
openSUSE Leap 15.1
Product(s)
:
Definition Synopsis
openSUSE Leap 15.1 is installed
AND
Package Information
uftpd-2.12-lp151.2.6.1 is installed
AND
uftpd is signed with openSUSE key
BACK