Debian Security Bug TrackerDEBIANCVE:CVE-2007-5962CVE-2007-5962
7.1 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.057 Low
EPSS
Percentile
93.4%
Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands, as demonstrated by an attack on a daemon with the deny_file configuration option.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | vsftpd | < 3.0.3-13 | vsftpd_3.0.3-13_all.deb |
| Debian | 11 | all | vsftpd | < 3.0.3-12 | vsftpd_3.0.3-12_all.deb |
| Debian | 10 | all | vsftpd | < 3.0.3-12 | vsftpd_3.0.3-12_all.deb |
| Debian | 999 | all | vsftpd | < 3.0.3-13 | vsftpd_3.0.3-13_all.deb |
| Debian | 13 | all | vsftpd | < 3.0.3-13 | vsftpd_3.0.3-13_all.deb |
Related
7.1 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.057 Low
EPSS
Percentile
93.4%