** DISPUTED ** A vulnerability was found in ewxrjk sftpserver. It has been declared as problematic. Affected by this vulnerability is the function sftp_parse_path of the file parse.c. The manipulation leads to uninitialized pointer. The real existence of this vulnerability is still doubted at the moment. The name of the patch is bf4032f34832ee11d79aa60a226cc018e7ec5eed. It is recommended to apply a patch to fix this issue. The identifier VDB-216205 was assigned to this vulnerability. NOTE: In some deployment models this would be a vulnerability. README specifically warns about avoiding such deployment models.
More Stories
ZDI-CAN-25373: Microsoft
A CVSS score 7.0 AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Peter Girnus - Trend Micro Zero Day Initiative' was reported to...
DSA-5774-1 ruby-saml – security update
It was discovered that ruby-saml, a SAML library implementing the client side of a SAML authorization, does not properly verify...
USN-6968-2: PostgreSQL vulnerability
USN-6968-1 fixed CVE-2024-7348 in PostgreSQL-12, PostgreSQL-14, and PostgreSQL-16 This update provides the corresponding updates for PostgreSQL-9.5 in Ubuntu 16.04 LTS....
USN-7015-2: Python vulnerabilities
USN-7015-1 fixed several vulnerabilities in Python. This update provides one of the corresponding updates for python2.7 for Ubuntu 16.04 LTS,...
USN-7027-1: Emacs vulnerabilities
It was discovered that Emacs incorrectly handled input sanitization. An attacker could possibly use this issue to execute arbitrary commands....
USN-7024-1: tgt vulnerability
It was discovered that tgt attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1,...