9/11/2013
Date Patched:
No patch available.
Vendor:
ProFTPd
Affected Software:
ProFTPd 1.3.4d and prior
ProFTPd 1.3.5rc3 and prior
Description:A vulnerability within ProFTPd can be triggered when handling specially crafted TCP packets, causing a denial of service condition. This occurs during authentication.
Severity:
Moderate
Code Execution:
No.
Impact:
Denial of Service
Exploitation of this vulnerability will render the service on the affected system unresponsive while the memory of the system is exhausted. Attackers can continue sending malicious payloads to continue the denial of service condition indefinitely.
Mitigation:Deactivate the use of keyboard interactive authentication.
Protection:
BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.
- 30703 - ProFTPD Denial of Service (Zero-Day)
Status:
2013-09-11: Original Disclosure
Không có nhận xét nào:
Đăng nhận xét