Denial of service in vsftpd
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2011-0762 |
| CWE-ID | CWE-400 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software Subscribe |
vsftpd Server applications / File servers (FTP/HTTP) |
| Vendor | vsftpd |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Denial of service
EUVDB-ID: #VU311
Risk: Low
CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C]
CVE-ID: CVE-2011-0762
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to cause a denial of service (DoS) attack.
The vulnerability exists due to an error in vsf_filename_passes_filter() function in ls.c file, when parsing glob expressions in STAT commands. A remote authenticated attacker can consume a large amount of CPU resources by creating multiple FTP sessions and sending specially crafted STAT commands.
Successful exploitation of the vulnerability may result in denial of service attack of entire system.
MitigationInstall the latest version 2.3.3 from vendor's website.
Vulnerable software versionsvsftpd: 0.0.1 - 2.3.2
External linkshttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622741
http://www.exploit-db.com/exploits/16270/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.
