Format string vulnerability in the log_do function in log.c for YepYep mtftpd 0.0.3, when the statistics option is enabled, allows remote attackers to execute arbitrary code via the CWD command.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| yepyep | mtftpd | 0.3 |
| yepyep | mtftpd | 0.2 |
| yepyep | mtftpd | 0.1a |
Buffer overflow in the mt_do_dir function in YepYep mtftpd 0.0.3 may allow attackers to execute arbitrary code via a long path.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| yepyep | mtftpd | 0.3 |
| yepyep | mtftpd | 0.2 |
| yepyep | mtftpd | 0.1a |