Common Vulnerabilities and Exposures assigned an identifier CVE-2009-5013 to the following vulnerability: Memory leak in the on_dtp_close function in ftpserver.py in pyftpdlib before 0.5.2 allows remote authenticated users to cause a denial of service (memory consumption) by sending a QUIT command during a data transfer. References: [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5013 [2] http://code.google.com/p/pyftpdlib/issues/detail?id=119 [3] http://code.google.com/p/pyftpdlib/source/browse/trunk/HISTORY [4] http://code.google.com/p/pyftpdlib/source/detail?r=615 [5] http://code.google.com/p/pyftpdlib/source/diff?spec=svn615&r=615&format=side&path=/trunk/pyftpdlib/ftpserver.py Affected versions: This issue affects the version of the pyftpdlib package, as shipped with Fedora release of 12. This issue does NOT affect the version of the pyftpdlib package, as shipped with Fedora release of 13 (relevant code part is already updated).
Created pyftpdlib tracking bugs for this issue Affects: fedora-12 [bug 646178]