Test ID:	1.3.6.1.4.1.25623.1.0.69375
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-1098-1 (vsftpd)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to vsftpd announced via advisory USN-1098-1. Details follow: It was discovered that vsftpd incorrectly handled certain glob expressions. A remote authenticated user could use a crafted glob expression to cause vftpd to consume all resources, leading to a denial of service. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: vsftpd 2.0.4-0ubuntu4.1 Ubuntu 8.04 LTS: vsftpd 2.0.6-1ubuntu1.2 Ubuntu 9.10: vsftpd 2.2.0-1ubuntu2.1 Ubuntu 10.04 LTS: vsftpd 2.2.2-3ubuntu6.1 Ubuntu 10.10: vsftpd 2.3.0~ pre2-4ubuntu2.2 In general, a standard system update will make all the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-1098-1 Risk factor : Medium CVSS Score: 4.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0762 BugTraq ID: 46617 http://www.securityfocus.com/bid/46617 Bugtraq: 20110301 vsftpd 2.3.2 remote denial-of-service (Google Search) http://www.securityfocus.com/archive/1/516748/100/0/threaded CERT/CC vulnerability note: VU#590604 http://www.kb.cert.org/vuls/id/590604 Debian Security Information: DSA-2305 (Google Search) http://www.debian.org/security/2011/dsa-2305 http://www.exploit-db.com/exploits/16270 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055957.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055882.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055881.html HPdes Security Advisory: HPSBMU02752 http://marc.info/?l=bugtraq&m=133226187115472&w=2 HPdes Security Advisory: SSRT100802 http://jvn.jp/en/jp/JVN37417423/index.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:049 http://cxib.net/stuff/vspoc232.c http://www.redhat.com/support/errata/RHSA-2011-0337.html http://www.securitytracker.com/id?1025186 http://securityreason.com/securityalert/8109 http://securityreason.com/achievement_securityalert/95 SuSE Security Announcement: SUSE-SR:2011:009 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html http://www.ubuntu.com/usn/USN-1098-1 http://www.vupen.com/english/advisories/2011/0547 http://www.vupen.com/english/advisories/2011/0639 http://www.vupen.com/english/advisories/2011/0668 http://www.vupen.com/english/advisories/2011/0713 XForce ISS Database: vsftpd-vsffilenamepassesfilter-dos(65873) https://exchange.xforce.ibmcloud.com/vulnerabilities/65873
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.