← CVECheck
HomeVulnerabilities

CVE-2002-2245 — MEDIUM severity vulnerability (ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly q)

ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contains a carriage return followed by a digit, which can cause firewalls and other intermediary devices to lose proper track of the FTP session.

CVE IDCVE-2002-2245
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:N/I:P/A:N
CWECWE-189
StatusModified
Published2002-12-31
Last modified2026-04-16
Descriptionftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contains a carriage return followed by a digit, which can cause firewalls and other intermediary devices to lose proper track of the FTP session.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →