Описание
A flaw was found in vsftpd. This vulnerability allows a denial of service (DoS) via an integer overflow in the ls command parameter parsing, triggered by a remote, authenticated attacker sending a crafted STAT command with a specific byte sequence.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| vsftpd | not-affected | package |
Примечания
https://bugzilla.redhat.com/show_bug.cgi?id=2419826
RedHat specific patch fix: https://src.fedoraproject.org/rpms/vsftpd/c/2ed5ba6e77f1c3e365fb4b0028945f762c456131
EPSS
Связанные уязвимости
A flaw was found in vsftpd. This vulnerability allows a denial of service (DoS) via an integer overflow in the ls command parameter parsing, triggered by a remote, authenticated attacker sending a crafted STAT command with a specific byte sequence.
A flaw was found in vsftpd. This vulnerability allows a denial of service (DoS) via an integer overflow in the ls command parameter parsing, triggered by a remote, authenticated attacker sending a crafted STAT command with a specific byte sequence.
EPSS