ID CVE-2011-0762
Summary The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632.
References
Vulnerable Configurations
  • cpe:2.3:a:beasts:vsftpd:0.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:0.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:0.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:0.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:0.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:0.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:0.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:0.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:0.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:0.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:0.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:0.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:0.0.13:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:0.0.14:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:0.0.15:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:0.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:0.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:0.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:0.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:1.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:1.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:1.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:1.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:1.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:2.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:2.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:2.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:2.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:2.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:2.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:2.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:2.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:2.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:2.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:2.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:2.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:beasts:vsftpd:*:*:*:*:*:*:*:*
CVSS
Base: 4.0 (as of 09-10-2018 - 19:29)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
  • Vector: NETWORK
  • Complexity: LOW
  • Authentication: SINGLE
Impact
  • Confidentiality: NONE
  • Integrity: NONE
  • Availability: PARTIAL
cvss-vector via4 AV:N/AC:L/Au:S/C:N/I:N/A:P
redhat via4
advisories
bugzilla
id 681667
title CVE-2011-0762 vsftpd: remote DoS via crafted glob pattern
oval
OR
  • AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhba:tst:20070304001
    • comment vsftpd is earlier than 0:2.0.1-9.el4
      oval oval:com.redhat.rhsa:tst:20110337002
    • comment vsftpd is signed with Red Hat master key
      oval oval:com.redhat.rhsa:tst:20080579003
  • AND
    • comment vsftpd is earlier than 0:2.2.2-6.el6_0.1
      oval oval:com.redhat.rhsa:tst:20110337008
    • comment vsftpd is signed with Red Hat redhatrelease2 key
      oval oval:com.redhat.rhsa:tst:20110337009
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • comment vsftpd is earlier than 0:2.0.5-16.el5_6.1
      oval oval:com.redhat.rhsa:tst:20110337011
    • comment vsftpd is signed with Red Hat redhatrelease key
      oval oval:com.redhat.rhsa:tst:20080295003
rhsa
id RHSA-2011:0337
released 2011-03-09
severity Important
title RHSA-2011:0337: vsftpd security update (Important)
rpms
  • vsftpd-0:2.0.1-9.el4
  • vsftpd-0:2.2.2-6.el6_0.1
  • vsftpd-0:2.0.5-16.el5_6.1
refmap via4
bid 46617
bugtraq 20110301 vsftpd 2.3.2 remote denial-of-service
cert-vn VU#590604
confirm
debian DSA-2305
exploit-db 16270
fedora
  • FEDORA-2011-2567
  • FEDORA-2011-2590
  • FEDORA-2011-2615
hp
  • HPSBMU02752
  • SSRT100802
mandriva MDVSA-2011:049
misc http://cxib.net/stuff/vspoc232.c
sectrack 1025186
sreason 8109
sreasonres 20110301 vsftpd 2.3.2 remote denial-of-service
suse SUSE-SR:2011:009
ubuntu USN-1098-1
vupen
  • ADV-2011-0547
  • ADV-2011-0639
  • ADV-2011-0668
  • ADV-2011-0713
xf vsftpd-vsffilenamepassesfilter-dos(65873)
Last major update 09-10-2018 - 19:29
Published 02-03-2011 - 20:00