An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. Direct dereference of a NULL pointer (a variable initialized to NULL) leads to a crash when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup.
References
Link | Resource |
---|---|
https://github.com/proftpd/proftpd/issues/858 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-11-26T03:33:41
Updated: 2019-11-26T03:33:41
Reserved: 2019-11-26T00:00:00
Link: CVE-2019-19272
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-11-26T04:15:13.060
Modified: 2019-12-11T16:16:54.583
Link: CVE-2019-19272
JSON object: View
Redhat Information
No data.
CWE