Test Kennung:	1.3.6.1.4.1.25623.1.0.801613
Kategorie:	FTP
Titel:	pyftpdlib FTP Server Multiple Vulnerabilities
Zusammenfassung:	pyftpdlib FTP server is prone to multiple vulnerabilities.
Beschreibung:	Summary: pyftpdlib FTP server is prone to multiple vulnerabilities. Vulnerability Insight: - Race condition in the FTPHandler class allows remote attackers to cause a denial of service by establishing and then immediately closing a TCP connection. - Improper permission check for the NLST command allows remote authenticated users to bypass intended access restrictions and list the root directory via an FTP session. - Memory leak in the on_dtp_close function allows remote authenticated users to cause a denial of service by sending a QUIT command during a data transfer. Vulnerability Impact: Successful exploitation will allow attacker to cause a denial of service. Affected Software/OS: ftpserver.py in pyftpdlib before 0.5.2 Solution: Upgrade to pyftpdlib version 0.5.2 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3494 http://bugs.python.org/issue6706 https://bugs.launchpad.net/zodb/+bug/135108 http://www.openwall.com/lists/oss-security/2010/09/09/6 http://www.openwall.com/lists/oss-security/2010/09/11/2 http://www.openwall.com/lists/oss-security/2010/09/22/3 http://www.openwall.com/lists/oss-security/2010/09/24/3 Common Vulnerability Exposure (CVE) ID: CVE-2009-5012 Common Vulnerability Exposure (CVE) ID: CVE-2009-5013 Common Vulnerability Exposure (CVE) ID: CVE-2009-5011
Copyright	Copyright (C) 2010 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.