Описание
glFTPD 1.23 allows remote attackers to cause a denial of service (CPU consumption) via a LIST command with an argument that contains a large number of * (asterisk) characters.
Ссылки
- ExploitPatchVendor Advisory
- Vendor Advisory
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
- Vendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:glftpd:glftpd:1.13.6:*:*:*:*:*:*:*
cpe:2.3:a:glftpd:glftpd:1.16.9:*:*:*:*:*:*:*
cpe:2.3:a:glftpd:glftpd:1.17.2:*:*:*:*:*:*:*
cpe:2.3:a:glftpd:glftpd:1.18a:*:*:*:*:*:*:*
cpe:2.3:a:glftpd:glftpd:1.19:*:*:*:*:*:*:*
cpe:2.3:a:glftpd:glftpd:1.20:*:*:*:*:*:*:*
cpe:2.3:a:glftpd:glftpd:1.21:*:*:*:*:*:*:*
cpe:2.3:a:glftpd:glftpd:1.22b:*:*:*:*:*:*:*
cpe:2.3:a:glftpd:glftpd:1.23:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.06794
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
glFTPD 1.23 allows remote attackers to cause a denial of service (CPU consumption) via a LIST command with an argument that contains a large number of * (asterisk) characters.
EPSS
Процентиль: 91%
0.06794
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other