Off-by-one error in certain versions of xfstt allows remote attackers to read potentially sensitive memory via a malformed client request in the connection handshake, which leaks the memory in the server’s response.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Xfstt | Xfstt | 1.2.1 | 1.2.1 |
Xfstt | Xfstt | 1.4 | 1.4 |
Xfstt | Ubuntu | dapper | * |
Xfstt | Ubuntu | devel | * |
Xfstt | Ubuntu | edgy | * |
Xfstt | Ubuntu | feisty | * |