RedHatRHSA-2011:0337(RHSA-2011:0337) Important: vsftpd security update
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
0.29 Low
EPSS
Percentile
96.4%
vsftpd (Very Secure File Transfer Protocol (FTP) daemon) is a secure FTP
server for Linux, UNIX, and similar operating systems.
A flaw was discovered in the way vsftpd processed file name patterns. An
FTP user could use this flaw to cause the vsftpd process to use an
excessive amount of CPU time, when processing a request with a
specially-crafted file name pattern. (CVE-2011-0762)
All vsftpd users should upgrade to this updated package, which contains a
backported patch to correct this issue. The vsftpd daemon must be restarted
for this update to take effect.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 4 | s390x | vsftpd | < 2.0.1-9.el4 | vsftpd-2.0.1-9.el4.s390x.rpm |
| RedHat | 4 | s390 | vsftpd | < 2.0.1-9.el4 | vsftpd-2.0.1-9.el4.s390.rpm |
| RedHat | 5 | ppc | vsftpd | < 2.0.5-16.el5_6.1 | vsftpd-2.0.5-16.el5_6.1.ppc.rpm |
| RedHat | 4 | ppc | vsftpd | < 2.0.1-9.el4 | vsftpd-2.0.1-9.el4.ppc.rpm |
| RedHat | 6 | ppc64 | vsftpd-debuginfo | < 2.2.2-6.el6_0.1 | vsftpd-debuginfo-2.2.2-6.el6_0.1.ppc64.rpm |
| RedHat | 6 | ppc64 | vsftpd | < 2.2.2-6.el6_0.1 | vsftpd-2.2.2-6.el6_0.1.ppc64.rpm |
| RedHat | 5 | src | vsftpd | < 2.0.5-16.el5_6.1 | vsftpd-2.0.5-16.el5_6.1.src.rpm |
| RedHat | 6 | s390x | vsftpd | < 2.2.2-6.el6_0.1 | vsftpd-2.2.2-6.el6_0.1.s390x.rpm |
| RedHat | 5 | s390x | vsftpd | < 2.0.5-16.el5_6.1 | vsftpd-2.0.5-16.el5_6.1.s390x.rpm |
| RedHat | 5 | x86_64 | vsftpd | < 2.0.5-16.el5_6.1 | vsftpd-2.0.5-16.el5_6.1.x86_64.rpm |
Related
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
0.29 Low
EPSS
Percentile
96.4%