CVE-2005-3524 Information

Description

Buffer overflow in the SSL-ready version of linux-ftpd (linux-ftpd-ssl) 0.17 allows remote attackers to execute arbitrary code by creating a long directory name then executing the XPWD command.

Reference

http://seclists.org/lists/fulldisclosure/2005/Nov/0140.html http://secunia.com/advisories/17465 http://secunia.com/advisories/17529 http://secunia.com/advisories/17586 http://www.debian.org/security/2005/dsa-896 http://www.osvdb.org/20530 http://www.securityfocus.com/bid/15343 http://www.vupen.com/english/advisories/2005/2330 https://exchange.xforce.ibmcloud.com/vulnerabilities/23016