Veracode Vulnerability DatabaseVERACODE:23382Denial Of Service (DoS)
0.057 Low
EPSS
Percentile
93.4%
vsftpd is vulnerable to denial of service (DoS). The vulnerability exists as a memory leak was discovered in the vsftpd daemon. An attacker who is able to connect to an FTP service, either as an authenticated or anonymous user, could cause vsftpd to allocate all available memory if the “deny_file” option was enabled in vsftpd.conf.
| CPE | Name | Operator | Version |
|---|---|---|---|
| vsftpd | eq | 2.0.5__10.el5 | |
| vsftpd | eq | 2.0.5__10.el5 |
References
secunia.com/advisories/30341
secunia.com/advisories/30354
securitytracker.com/id?1020079
wiki.rpath.com/wiki/Advisories:rPSA-2008-0185
www.openwall.com/lists/oss-security/2008/05/21/10
www.openwall.com/lists/oss-security/2008/05/21/12
www.openwall.com/lists/oss-security/2008/05/21/8
www.redhat.com/security/updates/classification/#low
www.redhat.com/support/errata/RHSA-2008-0295.html
www.securityfocus.com/archive/1/493167/100/0/threaded
www.securityfocus.com/bid/29322
www.vupen.com/english/advisories/2008/1600
access.redhat.com/errata/RHSA-2008:0295
access.redhat.com/security/cve/CVE-2007-5962
bugzilla.redhat.com/show_bug.cgi?id=397011
exchange.xforce.ibmcloud.com/vulnerabilities/42593
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8850
www.exploit-db.com/exploits/5814
www.redhat.com/archives/fedora-package-announce/2008-May/msg00681.html
www.redhat.com/archives/fedora-package-announce/2008-May/msg00691.html
www.redhat.com/archives/fedora-package-announce/2008-May/msg00699.html
Related
