OSVDB ID: 81535

Title: PSFTP PSFTP_Key.dat NULL Pointer Dereference Unicode Key Parsing Local DoS

Info

Disclosure

Apr 23, 2012

Discovery

Unknown

Dates

Exploit

Apr 23, 2012

Solution

Unknown

Description

PSFTP contains a flaw related to PSFTP_Key.dat that may allow a local denial of service. The issue is triggered when a null pointer dereference occurs when parsing unicode keys, and will result in loss of availability for the application.

Classification

Location: Local Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Solution: Solution Unknown
Exploit: Exploit Public
Disclosure: Uncoordinated Disclosure

Solution

OSVDB is not aware of a solution for this vulnerability.

Products

Sergei Pleis

PSFTP

1.8 build 921

References

Packet Storm: http://packetstormsecurity.org/files/112093/PSFTP-1.8-Build-921-Denial-Of-Service.html
Mail List Post: http://seclists.org/bugtraq/2012/Apr/171
Vendor URL: http://www.psftp.de/index.php
Other Advisory URL: http://www.vulnerability-lab.com/get_content.php?id=523

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/81535