CVE-2011-0762
Published Mar 2, 2011
Last updated 4 years ago
Overview
- Description
- The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632.
- Source
- cret@cert.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-400
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vsftpd_project:vsftpd:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B882F46-6FDA-44AB-9C9B-4C3C156D600F",
"versionEndExcluding": "2.3.3"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "87614B58-24AB-49FB-9C84-E8DDBA16353B"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2D59BD0-43DE-4E58-A057-640AB98359A6"
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BDE52846-24EC-4068-B788-EC7F915FFF11"
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9396E005-22D8-4342-9323-C7DEA379191D"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95"
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5646FDE9-CF21-46A9-B89D-F5BBDB4249AF"
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4CD2D897-E321-4CED-92E0-11A98B52053C"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "79A35457-EAA3-4BF9-A4DA-B2E414A75A02"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D1D7B467-58DD-45F1-9F1F-632620DF072A"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE26596F-F10E-44EF-88CA-0080646E91B9"
}
],
"operator": "OR"
}
]
}
]