Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 19/10/2010 Updated: 20/10/2010

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib prior to 0.5.2 allows remote malicious users to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, a related issue to CVE-2010-3492.

Vulnerable Product	Search on Vulmon	Subscribe to Product
g.rodola pyftpdlib 0.4.0
g.rodola pyftpdlib
g.rodola pyftpdlib 0.1
g.rodola pyftpdlib 0.1.1
g.rodola pyftpdlib 0.2.0
g.rodola pyftpdlib 0.3.0
g.rodola pyftpdlib 0.5.0

CWE-362 http://code.google.com/p/pyftpdlib/source/diff?spec=svn556&r=556&format=side&path=/trunk/pyftpdlib/ftpserver.py http://code.google.com/p/pyftpdlib/issues/detail?id=105 http://code.google.com/p/pyftpdlib/source/detail?r=556 http://www.openwall.com/lists/oss-security/2010/09/24/3 https://bugs.launchpad.net/zodb/+bug/135108 http://bugs.python.org/issue6706 http://www.openwall.com/lists/oss-security/2010/09/22/3 http://www.openwall.com/lists/oss-security/2010/09/11/2 http://www.openwall.com/lists/oss-security/2010/09/09/6 http://code.google.com/p/pyftpdlib/source/browse/trunk/HISTORY http://code.google.com/p/pyftpdlib/issues/detail?id=104 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-3494

Vulnerability Summary

References

Vulmon Search

About

Products

Connect