Lucene search

PRIOn knowledge basePRION:CVE-2009-5011

HistoryOct 19, 2010 - 8:00 p.m.

Race condition

2010-10-1920:00:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

68.0%

JSON

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the getpeername function having an ENOTCONN error, a different vulnerability than CVE-2010-3494.

CPENameOperatorVersion
pyftpdlibeq0.5.0
pyftpdlibeq0.4.0
pyftpdlibeq0.2.0
pyftpdlibeq0.1
pyftpdlibeq0.1.1
pyftpdlible0.5.1
pyftpdlibeq0.3.0

Name	Operator	Version
pyftpdlib	eq	0.5.0
pyftpdlib	eq	0.4.0
pyftpdlib	eq	0.2.0
pyftpdlib	eq	0.1
pyftpdlib	eq	0.1.1
pyftpdlib	le	0.5.1
pyftpdlib	eq	0.3.0

References

code.google.com/p/pyftpdlib/issues/detail?id=100

code.google.com/p/pyftpdlib/source/browse/trunk/HISTORY

code.google.com/p/pyftpdlib/source/detail?r=543

code.google.com/p/pyftpdlib/source/diff?spec=svn543&r=543&format=side&path=/trunk/pyftpdlib/ftpserver.py

6.6 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

68.0%

JSON

Related for PRION:CVE-2009-5011