|
|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200407-04] Pure-FTPd: Potential DoS when maximum connections is reached Vulnerability Scan
Vulnerability Scan Summary
Pure-FTPd: Potential DoS when maximum connections is reached
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200407-04
(Pure-FTPd: Potential DoS when maximum connections is reached)
Pure-FTPd contains a bug in the accept_client function handling the setup
of new connections.
Impact
When the maximum number of connections is reached a possible hacker could exploit
this vulnerability to perform a Denial of Service attack.
Workaround
There is no known workaround at this time. All users are encouraged to
upgrade to the latest available version.
References:
http://www.pureftpd.org
Solution:
All Pure-FTPd users should upgrade to the latest stable version:
# emerge sync
# emerge -pv ">=net-ftp/pure-ftpd-1.0.18-r1"
# emerge ">=net-ftp/pure-ftpd-1.0.18-r1"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|
