Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2011-0762

The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632.

See the

CVE page on Mitre.org for more details.

References

SREASONRES: 20110301 vsftpd 2.3.2 ...
MISC: http://cxib.net/stuff/...
CONFIRM: ftp://vsftpd.beasts.or...
CERT-VN: VU#590604
BID: 46617
EXPLOIT-DB: 16270
VUPEN: ADV-2011-0547
FEDORA: FEDORA-2011-2590
FEDORA: FEDORA-2011-2615
REDHAT: RHSA-2011:0337
VUPEN: ADV-2011-0639
FEDORA: FEDORA-2011-2567
SECTRACK: 1025186
VUPEN: ADV-2011-0668
MANDRIVA: MDVSA-2011:049
VUPEN: ADV-2011-0713
UBUNTU: USN-1098-1
SREASON: 8109
CONFIRM: http://bugs.debian.org...
DEBIAN: DSA-2305
SUSE: SUSE-SR:2011:009
HP: HPSBMU02752
HP: SSRT100802
XF: vsftpd-vsffilenamepass...
BUGTRAQ: 20110301 vsftpd 2.3.2 ...
JVN: JVN#37417423

Launchpad.net

CVE 2011-0762

Related bugs

References