Common Vulnerabilities and Exposures assigned an identifier CVE-2011-0762 to the following vulnerability:

Name: CVE-2011-0762
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0762
Assigned: 20110203
Reference: http://securityreason.com/achievement_securityalert/95
Reference: http://www.securityfocus.com/archive/1/archive/1/516748/100/0/threaded
Reference: http://cxib.net/stuff/vspoc232.c
Reference: ftp://vsftpd.beasts.org/users/cevans/untar/vsftpd-2.3.4/Changelog
Reference: http://www.kb.cert.org/vuls/id/590604
Reference: http://www.securityfocus.com/bid/46617

The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632.
Created attachment 481947
relevant bits extracted from 2.3.2/2.3.3 diff

This should be the relevant bits from the diff of upstream 2.3.2 and 2.3.3 versions, and should correct the flaw.
(In reply to comment #1)
> This should be the relevant bits from the diff of upstream 2.3.2 and 2.3.3
> versions, and should correct the flaw.

Looking at the 2.3.3 -> 2.3.4 diff, described in the changelog as:

- Fix compile. Extreme suckage.

Failed compile is related to this fix, so 2.3.2 -> 2.3.4 diff is what we should be using.
Created attachment 482013
2.3.2 -> 2.3.4 changes relevant to this issue.
Created vsftpd tracking bugs for this issue

Affects: fedora-all [bug 681935]
This issue has been addressed in following products:

Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6

Via RHSA-2011:0337 https://rhn.redhat.com/errata/RHSA-2011-0337.html
Which version of vsftpd fixes the vsf_filename_passes_filter vulnerability issue in the Red Hat release?
(In reply to comment #16)
> Which version of vsftpd fixes the vsf_filename_passes_filter vulnerability
> issue in the Red Hat release?

As noted in comment c#15, the CVE-2011-0762 was corrected in Red Hat Enterprise Linux 4, 5, and 6 via RHSA-2011:0337 advisory. See https://rhn.redhat.com/errata/RHSA-2011-0337.html for concrete package versions for particular system / release.

Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team