FreeBSD Local Security Checks : FreeBSD Ports: wu-ftpd

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.52146

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: wu-ftpd

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

wu-ftpd, wu-ftpd+ipv6

CVE-2005-0256
The wu_fnmatch function in wu_fnmatch.c for wu-fptd 2.6.1 and 2.6.2
allows remote attackers to cause a denial of service (CPU exhaustion
by recursion) via a glob pattern with a large number of * (wildcard)
characters, as demonstrated using the dir copmmand.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-0256
Debian Security Information: DSA-705 (Google Search)
http://www.debian.org/security/2005/dsa-705
HPdes Security Advisory: HPSBUX02110
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00637342
HPdes Security Advisory: SSRT061110
http://www.idefense.com/application/poi/display?id=207&type=vulnerabilities
http://www.osvdb.org/14203
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1265
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1333
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1762
SCO Security Bulletin: SCOSA-2005.63
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.63/SCOSA-2005.63.txt
http://secunia.com/advisories/14411
http://secunia.com/advisories/18210
http://secunia.com/advisories/19561
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101699-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57795-1
http://www.vupen.com/english/advisories/2005/0588
http://www.vupen.com/english/advisories/2006/1271

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.52146
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: wu-ftpd
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: wu-ftpd, wu-ftpd+ipv6 CVE-2005-0256 The wu_fnmatch function in wu_fnmatch.c for wu-fptd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir copmmand. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0256 Debian Security Information: DSA-705 (Google Search) http://www.debian.org/security/2005/dsa-705 HPdes Security Advisory: HPSBUX02110 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00637342 HPdes Security Advisory: SSRT061110 http://www.idefense.com/application/poi/display?id=207&type=vulnerabilities http://www.osvdb.org/14203 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1265 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1333 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1762 SCO Security Bulletin: SCOSA-2005.63 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.63/SCOSA-2005.63.txt http://secunia.com/advisories/14411 http://secunia.com/advisories/18210 http://secunia.com/advisories/19561 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101699-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57795-1 http://www.vupen.com/english/advisories/2005/0588 http://www.vupen.com/english/advisories/2006/1271
Copyright	Copyright (C) 2008 E-Soft Inc.