Executive Summary

Informations
NameCVE-2011-2189First vendor Publication2011-10-10
VendorCveLast vendor Modification2012-09-17

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score7.8Attack RangeNetwork
Cvss Impact Score6.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2189

CWE : Common Weakness Enumeration

idName
CWE-399Resource Management Errors

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15201
 
Oval ID: oval:org.mitre.oval:def:15201
Title: USN-1288-1 -- vsftpd vulnerability
Description: vsftpd: FTP server written for security Vsftpd or other applications could be made to crash if vsftpd received specially crafted network traffic.
Family: unix Class: patch
Reference(s): USN-1288-1
CVE-2011-2189
Version: 5
Platform(s): Ubuntu 11.04
Ubuntu 11.10
Ubuntu 10.04
Ubuntu 10.10
Product(s): vsftpd
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15164
 
Oval ID: oval:org.mitre.oval:def:15164
Title: DSA-2305-1 vsftpd -- denial of service
Description: Two security issue have been discovered that affect vsftpd, a lightweight, efficient FTP server written for security. CVE-2011-2189 It was discovered that Linux kernels less than 2.6.35 are considerably slower in releasing than in the creation of network namespaces. As a result of this and because vsftpd is using this feature as a security enhancement to provide network isolation for connections, it is possible to cause denial of service conditions due to excessive memory allocations by the kernel. This is technically no vsftpd flaw, but a kernel issue. However, this feature has legitimate use cases and backporting the specific kernel patch is too intrusive. Additionally, a local attacker requires the CAP_SYS_ADMIN capability to abuse this functionality. Therefore, as a fix, a kernel version check has been added to vsftpd in order to disable this feature for kernels less than 2.6.35. CVE-2011-0762 Maksymilian Arciemowicz discovered that vsftpd is incorrectly handling certain glob expressions in STAT commands. This allows a remote authenticated attacker to conduct denial of service attacks via crafted STAT commands.
Family: unix Class: patch
Reference(s): DSA-2305-1
CVE-2011-0762
CVE-2011-2189
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): vsftpd
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os539

OpenVAS Exploits

DateDescription
2011-12-09Name : Ubuntu Update for vsftpd USN-1288-1
File : nvt/gb_ubuntu_USN_1288_1.nasl
2011-10-16Name : Debian Security Advisory DSA 2305-1 (vsftpd)
File : nvt/deb_2305_1.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
76805Linux Kernel net/core/net_namespace.c Network Namespace Cleanup Weakness Remo...

Nessus® Vulnerability Scanner

DateDescription
2011-12-07Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1288-1.nasl - Type : ACT_GATHER_INFO
2011-09-20Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2305.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
CONFIRMhttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629373
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2...
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f...
http://ie.archive.ubuntu.com/linux/kernel/v2.6/ChangeLog-2.6.33
http://neil.brown.name/git?p=linux-2.6;a=patch;h=2b035b39970740722598f7a9d548...
http://patchwork.ozlabs.org/patch/88217/
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/720095
https://bugzilla.redhat.com/show_bug.cgi?id=711134
https://bugzilla.redhat.com/show_bug.cgi?id=711245
DEBIANhttp://www.debian.org/security/2011/dsa-2305
MLISThttp://kerneltrap.org/mailarchive/git-commits-head/2009/12/8/15289
http://www.openwall.com/lists/oss-security/2011/06/06/10
http://www.openwall.com/lists/oss-security/2011/06/06/20
UBUNTUhttp://www.ubuntu.com/usn/USN-1288-1

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2014-02-17 11:02:49
  • Multiple Updates
2013-05-10 23:01:29
  • Multiple Updates