In uftpd before 2.11, there is a buffer overflow vulnerability in handle_PORT in ftpcmd.c, caused by a 16-byte buffer being filled via sprintf() with user input using the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses (len('255.255.255.255') == 16), but the format specifier %d allows more than 3 digits. This has been fixed in version 2.11.
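The sizing problem described above, and a bounded way to format the address, as an added example. This is not uftpd's code and not the 2.11 fix; the names port_addr_needed, format_port_addr and ADDR_BUF are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define ADDR_BUF 16  /* buffer size named in the advisory (hypothetical macro name) */

/* Bytes, including the terminating NUL, that "%d.%d.%d.%d" needs for these
 * values. snprintf(NULL, 0, ...) only measures; nothing is written. */
size_t port_addr_needed(int a, int b, int c, int d)
{
    int n = snprintf(NULL, 0, "%d.%d.%d.%d", a, b, c, d);
    return n < 0 ? 0 : (size_t)n + 1;
}

/* Hardened formatting: reject values that are not octets, then use a bounded
 * write and treat truncation as an error.
 * Returns 0 on success, -1 if the input is rejected or does not fit. */
int format_port_addr(char *dst, size_t len, int a, int b, int c, int d)
{
    int v[4] = { a, b, c, d };
    int n;
    size_t i;

    for (i = 0; i < 4; i++)
        if (v[i] < 0 || v[i] > 255)
            return -1;

    n = snprintf(dst, len, "%d.%d.%d.%d", a, b, c, d);
    if (n < 0 || (size_t)n >= len)
        return -1;
    return 0;
}

int main(void)
{
    char addr[ADDR_BUF];

    /* Constructed sample values. */
    printf("255.255.255.255 needs %zu bytes\n", port_addr_needed(255, 255, 255, 255));
    printf("1000.1000.1000.1000 needs %zu bytes\n", port_addr_needed(1000, 1000, 1000, 1000));
    if (format_port_addr(addr, sizeof(addr), 192, 0, 2, 10) == 0)
        printf("accepted: %s\n", addr);
    if (format_port_addr(addr, sizeof(addr), 1000, 0, 2, 10) != 0)
        printf("rejected: octet out of range\n");
    return 0;
}
```

The range check alone keeps the output within 16 bytes; checking the snprintf() return value as well keeps the function safe if the buffer size or format string is changed later.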
[
{
"id": "CVE-2020-5204-a2bfc361",
"source": "https://github.com/troglobit/uftpd/commit/0fb2c031ce0ace07cc19cd2cb2143c4b5a63c9dd",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/ftpcmd.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"305627866150381828683865241657895014322",
"12937131316666879073544403319990601086",
"173866264394877993175631420443797992491",
"250823014807152732547613692800473923267"
]
},
"signature_type": "Line"
},
{
"id": "CVE-2020-5204-d12c122b",
"source": "https://github.com/troglobit/uftpd/commit/0fb2c031ce0ace07cc19cd2cb2143c4b5a63c9dd",
"deprecated": false,
"signature_version": "v1",
"target": {
"function": "handle_PORT",
"file": "src/ftpcmd.c"
},
"digest": {
"length": 898.0,
"function_hash": "73284893654735530245356761491877463198"
},
"signature_type": "Function"
}
]