(RHSA-2011:0337) Important: vsftpd security update

2011-03-09T05:00:00
ID RHSA-2011:0337
Type redhat
Reporter RedHat
Modified 2018-06-06T20:24:22

Description

vsftpd (Very Secure File Transfer Protocol (FTP) daemon) is a secure FTP server for Linux, UNIX, and similar operating systems.

A flaw was discovered in the way vsftpd processed file name patterns. An FTP user could use this flaw to cause the vsftpd process to use an excessive amount of CPU time, when processing a request with a specially-crafted file name pattern. (CVE-2011-0762)

All vsftpd users should upgrade to this updated package, which contains a backported patch to correct this issue. The vsftpd daemon must be restarted for this update to take effect.