Unity Linux 20.1070a Security Update: vsftpd (UTSA-2026-007108)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007108 advisory. A flaw was found in vsftpd. This vulnerability allows a denial of service DoS via an integer overflow in the ls command parameter parsing, triggered by a remote,...

vsftpd: vsftpd: Denial of service via integer overflow in ls command parameter parsing

A flaw was found in vsftpd. This vulnerability allows a denial of service DoS via an integer overflow in the ls command parameter parsing, triggered by a remote, authenticated attacker sending a crafted STAT command with a specific byte sequence...

Amazon Linux 2023 : vsftpd (ALAS2023-2026-1432)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1432 advisory. A flaw was found in vsftpd. This vulnerability allows a denial of service DoS via an integer overflow in the ls command parameter parsing, triggered by a remote, authenticated attacker sending a crafte...

OESA-2026-1345 vsftpd security update

Vsftpd, or very secure FTP daemon, is an FTP server for Unix-like systems, including Linux. It is licensed under the GNU General Public License. It supports IPv6 and SSL. Vsftpd supports explicit since 2.0.0 and implicit since 2.1.0 FTPS. Security Fixes: A flaw was found in vsftpd. This...

Linux Distros Unpatched Vulnerability : CVE-2025-14242

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in vsftpd. This vulnerability allows a denial of service DoS via an integer overflow in the ls command parameter parsing, triggered by a remote...

CVE-2025-14242

A flaw was found in vsftpd. This vulnerability allows a denial of service DoS via an integer overflow in the ls command parameter parsing, triggered by a remote, authenticated attacker sending a crafted STAT command with a specific byte sequence...