Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2011-2189 | First vendor Publication | 2011-10-10 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | |||
|---|---|---|---|
| Overall CVSS Score | 7.5 | ||
| Base Score | 7.5 | Environmental Score | 7.5 |
| impact SubScore | 3.6 | Temporal Score | 7.5 |
| Exploitabality Sub Score | 3.9 | ||
| Attack Vector | Network | Attack Complexity | Low |
| Privileges Required | None | User Interaction | None |
| Scope | Unchanged | Confidentiality Impact | None |
| Integrity Impact | None | Availability Impact | High |
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.8 | Attack Range | Network |
| Cvss Impact Score | 6.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2189 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:15164 | |||
| Oval ID: | oval:org.mitre.oval:def:15164 | ||
| Title: | DSA-2305-1 vsftpd -- denial of service | ||
| Description: | Two security issue have been discovered that affect vsftpd, a lightweight, efficient FTP server written for security. CVE-2011-2189 It was discovered that Linux kernels less than 2.6.35 are considerably slower in releasing than in the creation of network namespaces. As a result of this and because vsftpd is using this feature as a security enhancement to provide network isolation for connections, it is possible to cause denial of service conditions due to excessive memory allocations by the kernel. This is technically no vsftpd flaw, but a kernel issue. However, this feature has legitimate use cases and backporting the specific kernel patch is too intrusive. Additionally, a local attacker requires the CAP_SYS_ADMIN capability to abuse this functionality. Therefore, as a fix, a kernel version check has been added to vsftpd in order to disable this feature for kernels less than 2.6.35. CVE-2011-0762 Maksymilian Arciemowicz discovered that vsftpd is incorrectly handling certain glob expressions in STAT commands. This allows a remote authenticated attacker to conduct denial of service attacks via crafted STAT commands. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2305-1 CVE-2011-0762 CVE-2011-2189 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | vsftpd |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:15201 | |||
| Oval ID: | oval:org.mitre.oval:def:15201 | ||
| Title: | USN-1288-1 -- vsftpd vulnerability | ||
| Description: | vsftpd: FTP server written for security Vsftpd or other applications could be made to crash if vsftpd received specially crafted network traffic. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1288-1 CVE-2011-2189 | Version: | 5 |
| Platform(s): | Ubuntu 11.04 Ubuntu 11.10 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | vsftpd |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2011-12-09 | Name : Ubuntu Update for vsftpd USN-1288-1 File : nvt/gb_ubuntu_USN_1288_1.nasl |
| 2011-10-16 | Name : Debian Security Advisory DSA 2305-1 (vsftpd) File : nvt/deb_2305_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 76805 | Linux Kernel net/core/net_namespace.c Network Namespace Cleanup Weakness Remo... |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2011-12-07 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1288-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2305.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:03:56 |
|
| 2024-11-28 12:25:53 |
|
| 2024-08-02 12:16:41 |
|
| 2024-08-02 01:04:43 |
|
| 2024-02-02 01:16:12 |
|
| 2024-02-01 12:04:37 |
|
| 2023-09-05 12:15:10 |
|
| 2023-09-05 01:04:29 |
|
| 2023-09-02 12:15:15 |
|
| 2023-09-02 01:04:33 |
|
| 2023-08-12 12:18:24 |
|
| 2023-08-12 01:04:34 |
|
| 2023-08-11 12:15:19 |
|
| 2023-08-11 01:04:42 |
|
| 2023-08-06 12:14:44 |
|
| 2023-08-06 01:04:35 |
|
| 2023-08-04 12:14:48 |
|
| 2023-08-04 01:04:36 |
|
| 2023-07-14 12:14:47 |
|
| 2023-07-14 01:04:33 |
|
| 2023-03-29 01:16:42 |
|
| 2023-03-28 12:04:39 |
|
| 2023-02-13 09:28:54 |
|
| 2022-10-11 12:13:11 |
|
| 2022-10-11 01:04:19 |
|
| 2022-03-11 01:10:54 |
|
| 2021-07-27 12:10:50 |
|
| 2021-07-16 01:41:32 |
|
| 2021-07-16 01:08:26 |
|
| 2021-07-16 00:23:10 |
|
| 2021-05-04 12:17:22 |
|
| 2021-04-22 01:20:38 |
|
| 2020-08-11 09:22:46 |
|
| 2020-08-07 21:23:11 |
|
| 2020-08-07 09:22:49 |
|
| 2020-08-05 21:23:06 |
|
| 2020-08-01 12:06:27 |
|
| 2020-07-30 01:06:44 |
|
| 2020-05-23 01:44:37 |
|
| 2020-05-23 00:28:39 |
|
| 2019-01-25 12:03:57 |
|
| 2018-11-17 12:02:28 |
|
| 2018-10-30 12:04:14 |
|
| 2016-07-01 11:07:33 |
|
| 2016-06-29 00:20:42 |
|
| 2016-06-28 18:40:50 |
|
| 2016-04-26 20:48:14 |
|
| 2014-02-17 11:02:49 |
|
| 2013-05-10 23:01:29 |
|
