Pyftpdlib@0.4.0 Security Vulnerabilities and Issues — Pyftpdlib@0.4.0 CVE List

Lucene search

G.rodolaPyftpdlib0.4.0

5 matches found

CVE•added 2010/10/19 8:0 p.m.•81 views

CVE-2010-3494

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected value of None for the address, or ...

4.3CVSS7.3AI score0.01275EPSS

CVE•added 2010/10/19 8:0 p.m.•74 views

CVE-2009-5010

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.1 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, a different ...

4.3CVSS6.3AI score0.01038EPSS

CVE•added 2010/10/19 8:0 p.m.•72 views

CVE-2009-5012

ftpserver.py in pyftpdlib before 0.5.2 does not require the l permission for the MLST command, which allows remote authenticated users to bypass intended access restrictions and list the root directory via an FTP session.

4CVSS6.2AI score0.00199EPSS

CVE•added 2010/10/19 8:0 p.m.•70 views

CVE-2009-5011

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the getpeername function having an ENOTCONN error, a different vulnerabilit...

4.3CVSS6.3AI score0.00468EPSS

CVE•added 2010/10/19 8:0 p.m.•67 views

CVE-2009-5013

Memory leak in the on_dtp_close function in ftpserver.py in pyftpdlib before 0.5.2 allows remote authenticated users to cause a denial of service (memory consumption) by sending a QUIT command during a data transfer.

4CVSS6.2AI score0.00513EPSS