NetBSD Security Advisory 2004-009 – A set of flaws in the ftpd source code can be used together to achieve root access within an ftp session. With root file manipulation ability, mechanisms to gain a shell are numerous, so this issue should be considered a remote root situation.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/34088/NetBSD-SA2004-009.txt
Source: https://packetstormsecurity.com/files/34088/NetBSD-SA2004-009.txt.html