PT-2010-3683 · Pyftpd · Pyftpd

Henri Salo

Published

2010-06-16

Updated

2017-08-17

CVE-2010-2072

CVSS v2.0

3.6

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:P

Name of the Vulnerable Software and Affected Versions Pyftpd version 0.8.4

Description The issue allows local users to cause a denial of service and obtain sensitive information due to the creation of log files with predictable names in a temporary directory.

Recommendations For Pyftpd version 0.8.4, consider updating to a newer version that addresses this issue, or as a temporary workaround, restrict access to the temporary directory where log files are created to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-310

Related Identifiers

CVE-2010-2072

Affected Products

Pyftpd

PT-2010-3683 · Pyftpd · Pyftpd

CVE-2010-2072

Weakness Enumeration

Related Identifiers

Affected Products

References · 6