Executive Summary
Summary | |
---|---|
Title | vsftpd security update |
Informations | |||
---|---|---|---|
Name | RHSA-2011:0337 | First vendor Publication | 2011-03-09 |
Vendor | RedHat | Last vendor Modification | 2011-03-09 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:S/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 4 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 8 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: An updated vsftpd package that fixes one security issue is now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 3. Description: vsftpd (Very Secure File Transfer Protocol (FTP) daemon) is a secure FTP server for Linux, UNIX, and similar operating systems. A flaw was discovered in the way vsftpd processed file name patterns. An FTP user could use this flaw to cause the vsftpd process to use an excessive amount of CPU time, when processing a request with a specially-crafted file name pattern. (CVE-2011-0762) All vsftpd users should upgrade to this updated package, which contains a backported patch to correct this issue. The vsftpd daemon must be restarted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 681667 - CVE-2011-0762 vsftpd: remote DoS via crafted glob pattern |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2011-0337.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:13784 | |||
Oval ID: | oval:org.mitre.oval:def:13784 | ||
Title: | USN-1098-1 -- vsftpd vulnerability | ||
Description: | It was discovered that vsftpd incorrectly handled certain glob expressions. A remote authenticated user could use a crafted glob expression to cause vftpd to consume all resources, leading to a denial of service. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1098-1 CVE-2011-0762 | Version: | 5 |
Platform(s): | Ubuntu 8.04 Ubuntu 10.10 Ubuntu 10.04 Ubuntu 9.10 Ubuntu 6.06 | Product(s): | vsftpd |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21856 | |||
Oval ID: | oval:org.mitre.oval:def:21856 | ||
Title: | RHSA-2011:0337: vsftpd security update (Important) | ||
Description: | The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0337-01 CVE-2011-0762 CESA-2011:0337-CentOS 5 | Version: | 6 |
Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | vsftpd |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23346 | |||
Oval ID: | oval:org.mitre.oval:def:23346 | ||
Title: | ELSA-2011:0337: vsftpd security update (Important) | ||
Description: | The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:0337-01 CVE-2011-0762 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | vsftpd |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Os | 5 | |
Os | 3 | |
Os | 3 | |
Os | 3 | |
Os | 4 |
ExploitDB Exploits
id | Description |
---|---|
2011-03-02 | vsftpd 2.3.2 Denial of Service Vulnerability |
OpenVAS Exploits
Date | Description |
---|---|
2012-07-30 | Name : CentOS Update for vsftpd CESA-2011:0337 centos5 x86_64 File : nvt/gb_CESA-2011_0337_vsftpd_centos5_x86_64.nasl |
2012-02-12 | Name : Gentoo Security Advisory GLSA 201110-07 (vsftpd) File : nvt/glsa_201110_07.nasl |
2011-10-16 | Name : Debian Security Advisory DSA 2305-1 (vsftpd) File : nvt/deb_2305_1.nasl |
2011-08-09 | Name : CentOS Update for vsftpd CESA-2011:0337 centos5 i386 File : nvt/gb_CESA-2011_0337_vsftpd_centos5_i386.nasl |
2011-04-01 | Name : Ubuntu Update for vsftpd vulnerability USN-1098-1 File : nvt/gb_ubuntu_USN_1098_1.nasl |
2011-03-24 | Name : Fedora Update for vsftpd FEDORA-2011-2590 File : nvt/gb_fedora_2011_2590_vsftpd_fc14.nasl |
2011-03-24 | Name : Fedora Update for vsftpd FEDORA-2011-2615 File : nvt/gb_fedora_2011_2615_vsftpd_fc13.nasl |
2011-03-24 | Name : Mandriva Update for vsftpd MDVSA-2011:049 (vsftpd) File : nvt/gb_mandriva_MDVSA_2011_049.nasl |
2011-03-15 | Name : CentOS Update for vsftpd CESA-2011:0337 centos4 i386 File : nvt/gb_CESA-2011_0337_vsftpd_centos4_i386.nasl |
2011-03-15 | Name : RedHat Update for vsftpd RHSA-2011:0337-01 File : nvt/gb_RHSA-2011_0337-01_vsftpd.nasl |
2011-03-03 | Name : vsftpd FTP Server 'ls.c' Remote Denial of Service Vulnerability File : nvt/gb_vsftpd_46617.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
73340 | vsftpd ls.c vsf_filename_passes_filter STAT Command glob Expression Remote DoS |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | STAT overflow attempt RuleID : 1379-community - Revision : 23 - Type : PROTOCOL-FTP |
2014-01-10 | STAT overflow attempt RuleID : 1379 - Revision : 23 - Type : PROTOCOL-FTP |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_vsftpd-110308.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_vsftpd-110308.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2011-0337.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20110309_vsftpd_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_vsftpd-7408.nasl - Type : ACT_GATHER_INFO |
2011-10-12 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-07.nasl - Type : ACT_GATHER_INFO |
2011-09-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2305.nasl - Type : ACT_GATHER_INFO |
2011-05-06 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12690.nasl - Type : ACT_GATHER_INFO |
2011-05-06 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_vsftpd-110308.nasl - Type : ACT_GATHER_INFO |
2011-05-06 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_vsftpd-110308.nasl - Type : ACT_GATHER_INFO |
2011-05-06 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_vsftpd-7373.nasl - Type : ACT_GATHER_INFO |
2011-03-30 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1098-1.nasl - Type : ACT_GATHER_INFO |
2011-03-22 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2011-049.nasl - Type : ACT_GATHER_INFO |
2011-03-17 | Name : The remote FTP server is prone to a denial of service attack. File : vsftpd_2_3_3.nasl - Type : ACT_GATHER_INFO |
2011-03-16 | Name : The remote Fedora host is missing a security update. File : fedora_2011-2567.nasl - Type : ACT_GATHER_INFO |
2011-03-15 | Name : The remote Fedora host is missing a security update. File : fedora_2011-2615.nasl - Type : ACT_GATHER_INFO |
2011-03-15 | Name : The remote Fedora host is missing a security update. File : fedora_2011-2590.nasl - Type : ACT_GATHER_INFO |
2011-03-11 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2011-0337.nasl - Type : ACT_GATHER_INFO |
2011-03-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0337.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:54:28 |
|