Launchpad CVE tracker

CVE 2007-3961

Off-by-one error in the fsp_readdir_r function in fsplib.c in fsplib before 0.9 allows remote attackers to cause a denial of service via a directory entry whose length is exactly MAXNAMELEN, which prevents a terminating null byte from being added.

Related bugs and status

CVE-2007-3961 (Candidate) is related to these bugs:

Bug #185040: [gftp] [CVE-2007-3961] [CVE-2007-3962] possible execution of arbitrary code or DoS

Summary				In	Importance	Status
	185040	[gftp] [CVE-2007-3961] [CVE-2007-3962] possible execution of arbitrary code or DoS		gftp (Ubuntu)	Low	Won't Fix
	185040	[gftp] [CVE-2007-3961] [CVE-2007-3962] possible execution of arbitrary code or DoS		gftp (Gentoo Linux)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

SECUNIA: 26184
SECUNIA: 26378
CONFIRM: http://bugs.gentoo.org...
GENTOO: GLSA-200711-01
SECUNIA: 27501
MANDRIVA: MDVSA-2008:018
OSVDB: 38568
MISC: http://fsp.cvs.sourcef...
CONFIRM: http://fsp.cvs.sourcef...

Launchpad.net

CVE 2007-3961

Related bugs and status

Related bugs

References