PT-2004-1024 · Debian · Oftpd

Published: 2004-04-06 · Updated: 2017-07-11 · CVE-2004-0376

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: oftpd versions 0.3.6 and earlier

Description: The issue affects the oftpd package in Debian GNU/Linux, potentially leading to a disruption in the availability of protected information. This can be exploited remotely. Specifically, a denial of service (crash) can occur via a PORT command with a large value.

Recommendations: For oftpd versions 0.3.6 and earlier, consider restricting access to the PORT command to minimize the risk of exploitation until a patch is available. As a temporary workaround, limiting the size of values accepted by the PORT command may help mitigate the issue.

Fix


Related identifiers

BDU:2015-03091
CVE-2004-0376
DSA-473

Affected products

Oftpd