PT-2010-1253 · None · Pyftpdlib

Published: 2010-10-19 · Updated: 2022-05-17 · CVE-2008-7264

CVSS v4.0: 5.3 (Medium)

Vector: AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions: pyftpdlib versions prior to 0.5.0

Description: The issue allows remote authenticated users to cause a denial of service, leading to file descriptor exhaustion and daemon outage. This is achieved by sending a QUIT command during a disallowed data-transfer attempt, specifically exploiting the ftp_QUIT function in ftpserver.py.

Recommendations: For versions prior to 0.5.0, update to version 0.5.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the ftp_QUIT function in ftpserver.py to minimize the risk of exploitation.


Weakness Enumeration

Related identifiers

CVE-2008-7264
GHSA-8P2C-FGHC-9HJ4
PYSEC-2010-6

Affected products

Pyftpdlib