Input validation error in pure-ftpd (Alpine package)

Published: 2011-10-31

Risk	Low
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2011-0418
CWE-ID	CWE-20
Exploitation vector	Network
Public exploit	Public exploit code for vulnerability #1 is available.
Vulnerable software	pure-ftpd (Alpine package) Operating systems & Components / Operating system package or component
Vendor	Alpine Linux Development Team

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Input validation error

EUVDB-ID: #VU32849

Risk: Low

CVSSv4.0: 2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2011-0418

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote #AU# to perform service disruption.

The glob implementation in Pure-FTPd before 1.0.32, and in libc in NetBSD 5.1, does not properly expand expressions containing curly brackets, which allows remote authenticated users to cause a denial of service (memory consumption) via a crafted FTP STAT command.

Mitigation

Install update from vendor's website.

Vulnerable software versions

pure-ftpd (Alpine package): 1.0.30-r2

CPE2.3

cpe:2.3:a:alpine:pure-ftpd_alpine_package:1.0.30-r2:*:*:*:*:alpine_linux:*:2.2

External links

https://git.alpinelinux.org/aports/commit/?id=30da3706c18875184f98d363bd3be2f2c6efa0f5

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.