PT-2008-1526 · Vsftpd+1 · Vsftpd+1
Published
2008-05-21
·
Updated
2023-02-13
·
CVE-2007-5962
CVSS v2.0
7.1
High
| Vector | AV:N/AC:M/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
vsftpd version 2.0.5
Description
A memory leak issue exists, allowing remote attackers to cause a denial of service by consuming memory via a large number of CWD commands, as demonstrated by an attack on a daemon with the
deny file configuration option.Recommendations
For vsftpd version 2.0.5, consider restricting access to the CWD command as a temporary workaround until a patch is available.
Exploit
Fix
DoS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Red Hat
Vsftpd