PT-2003-2518 · Washington University+2 · Wu-Ftpd+2

Adam Zabrocki · Published 1970-01-01 · Updated 2017-10-11 · CVE-2005-0256

CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: wu-ftpd versions 2.6.1 through 2.6.2

Description: The issue concerns multiple vulnerabilities in the wu-ftpd package of the Debian GNU/Linux operating system, which can lead to a loss of availability of protected information. These vulnerabilities can be exploited remotely. Specifically, the wu_fnmatch function in wu-ftpd allows remote attackers to cause a denial of service via a glob pattern with a large number of * (wildcard) characters.

Recommendations: For versions 2.6.1 and 2.6.2, consider disabling the wu_fnmatch function as a temporary workaround to prevent CPU exhaustion by recursion until a patch is available. Restrict access to the wu-ftpd service to minimize the risk of exploitation. Avoid using glob patterns with a large number of * (wildcard) characters in the dir command until the issue is resolved.
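
The following is an added example, not wu-ftpd code and not taken from this entry: a generic recursive glob matcher (a stand-in for this class of matcher, not the real wu_fnmatch) guarded by two defensive measures, collapsing runs of * before matching and refusing a match that exceeds a step limit. The function names and the limit are assumptions made for illustration.

```c
#include <stddef.h>

/* Generic recursive glob matcher ('*' and '?' only), written for this example;
 * NOT wu-ftpd's wu_fnmatch. Returns 1 = match, 0 = no match, -1 = out of budget. */
static int match_budget(const char *p, const char *s, long *budget)
{
    if (--(*budget) < 0) return -1;          /* one unit of work per call */
    if (*p == '\0') return *s == '\0';
    if (*p == '*') {
        for (;;) {                           /* try every suffix of s */
            int r = match_budget(p + 1, s, budget);
            if (r != 0) return r;            /* match, or out of budget */
            if (*s == '\0') return 0;
            s++;
        }
    }
    if (*s != '\0' && (*p == '?' || *p == *s))
        return match_budget(p + 1, s + 1, budget);
    return 0;
}

/* Collapse runs of '*' in place ("a***b" -> "a*b"); the match result is
 * unchanged. Returns the number of '*' left in the pattern. */
size_t collapse_stars(char *pat)
{
    char *w = pat;
    size_t stars = 0;
    for (const char *r = pat; *r != '\0'; r++) {
        if (*r == '*' && w > pat && w[-1] == '*') continue;
        if (*r == '*') stars++;
        *w++ = *r;
    }
    *w = '\0';
    return stars;
}

/* Match with a hard step limit. Returns the steps used, or -1 if the limit
 * was hit (*result is then -1 and the request should be refused). */
long glob_steps(const char *pat, const char *name, long limit, int *result)
{
    long b = limit;
    *result = match_budget(pat, name, &b);
    return *result < 0 ? -1 : limit - b;
}

int main(void)
{
    int r;
    return !(glob_steps("*.txt", "notes.txt", 1000, &r) > 0 && r == 1);
}
```

Without the limit, the work done by such a matcher on a non-matching name grows combinatorially with the number of consecutive * characters; with the run collapsed it is linear in the name length.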

Exploit

Fix

DoS

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2015-01346
BDU:2015-01347
CVE-2005-0256
DSA-705-1
HPSBUX02110

Affected Products

Debian
Hp-Ux
Wu-Ftpd