CNNVD-202510-2555 Information
Oct 19, 2025
cve
CNNVD ID
CNNVD-202510-2555
Related CVE
- CNNVD Published: 2025-10-19
Description (Chinese)
Bftpd是一款FTP(文件传输协议)服务器。 bftpd 6.2及之前版本存在安全漏洞,该漏洞源于组件Configuration File Handler的文件options.c中函数expand_groups存在堆缓冲区溢出,可能导致本地主机攻击。
Description (English)
Bftpd is a FTP (document transfer protocol) server. bftpd 6.2 and previous versions contain a security loophole resulting from the spilling of a local mainframe attack from the document options.c function of component CONfiguration File Handler, extpand groups.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-10-19
Last Modified
2026-02-24
References
https://vuldb.com/?id.329027 https://vuldb.com/?ctiid.329027 https://vuldb.com/?submit.673133 https://shimo.im/docs/rp3OMVMZZXc9lvkm/ https://access.redhat.com/security/cve/cve-2025-11947
Patch
https://bftpd.sourceforge.net/download.html
Share on: