Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2008-0295

Опубликовано: 30 мая 2008
Источник: oracle-oval
Платформа: Oracle Linux 5

Описание

ELSA-2008-0295: vsftpd security and bug fix update (LOW)

[2.0.5-12]

  • fix CVE-2007-5962: vsftpd memory leak when deny_file option is set
  • Resolves: #423001

[2.0.5-11]

  • add new option to log login failures based on user list
  • Resolves: #345791
  • fix user_config_dir option
  • Resolves: #400921
  • allow usernames starting with '_' or '.'
  • Resolves: #386561
  • fix the write/race condition when uploading files simultaneously
  • Resolves: #240553
  • fix the bug that causes every new file stored with STOU to have a prefix '.1'
  • Resolves: #392231
  • make vsftpd wildcard matching more greedy
  • Resolves: #392181

Обновленные пакеты

Oracle Linux 5

Oracle Linux x86_64

vsftpd

2.0.5-12.el5

Oracle Linux i386

vsftpd

2.0.5-12.el5

Связанные CVE

CVE-2007-5962

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2007-5962

ubuntu
около 17 лет назад

Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands, as demonstrated by an attack on a daemon with the deny_file configuration option.

redhat логотип

CVE-2007-5962

redhat
около 17 лет назад

Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands, as demonstrated by an attack on a daemon with the deny_file configuration option.

nvd логотип

CVE-2007-5962

nvd
около 17 лет назад

Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands, as demonstrated by an attack on a daemon with the deny_file configuration option.

debian логотип

CVE-2007-5962

debian
около 17 лет назад

Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red ...

github логотип

GHSA-67jj-2hgw-486p

github
около 3 лет назад

Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands, as demonstrated by an attack on a daemon with the deny_file configuration option.