CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
EPSS
Percentile
93.4%
Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands, as demonstrated by an attack on a daemon with the deny_file configuration option.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | vsftpd | < 3.0.3-13 | vsftpd_3.0.3-13_all.deb |
Debian | 11 | all | vsftpd | < 3.0.3-12 | vsftpd_3.0.3-12_all.deb |
Debian | 999 | all | vsftpd | < 3.0.3-13.1 | vsftpd_3.0.3-13.1_all.deb |
Debian | 13 | all | vsftpd | < 3.0.3-13.1 | vsftpd_3.0.3-13.1_all.deb |