CVE-2007-5962
Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands, as demonstrated by an attack on a daemon with the deny_file configuration option.
Affected products
n/a · n/a
Public PoCs found — 4
github · github.com/antogit-sys/CVE-2007-5962 · ★ 1
cve_reference · www.exploit-db.com/exploits/5814 · unverified
exploitdb · www.exploit-db.com/exploits/31818 · unverified
exploitdb · www.exploit-db.com/exploits/31819 · unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
https://bugzilla.redhat.com/show_bug.cgi?id=397011
http://secunia.com/advisories/30341
http://secunia.com/advisories/30354
http://securitytracker.com/id?1020079
https://exchange.xforce.ibmcloud.com/vulnerabilities/42593
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8850
https://www.exploit-db.com/exploits/5814
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00681.html
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00691.html
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00699.html
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0185
http://www.openwall.com/lists/oss-security/2008/05/21/10