CVE-2009-5011

Name of the Vulnerable Software and Affected Versions pyftpdlib versions prior to 0.5.2

Description A race condition exists in the FTPHandler class in ftpserver.py, allowing remote attackers to cause a denial of service by establishing and then immediately closing a TCP connection. This leads to an error in the getpeername function, resulting in a daemon outage.

Recommendations For versions prior to 0.5.2, update to version 0.5.2 or later to resolve the issue. As a temporary workaround, consider implementing measures to handle and recover from TCP connection closures to minimize the risk of daemon outage.