Vsftpd '__tzfile_read()' Function Heap Based Buffer Overflow Vulnerability Network Vulnerability

Summary

vsftpd is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user- supplied data. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of- service conditions. vsftpd 2.3.4 is affected other versions may also be vulnerable.

References

http://dividead.wordpress.com/tag/heap-overflow/
http://vsftpd.beasts.org/
http://www.securityfocus.com/bid/51013

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P

Related Vulnerabilities

FileCopa FTP Server 'NOOP' Command DoS Vulnerability
Ricoh DC Software DL-10 FTP Server 'USER' Command Buffer Overflow Vulnerability
Telnet-Ftp Server Directory Traversal Vulnerability
Titan FTP Server Multiple Directory Traversal Vulnerabilities
TurboFTP 'DELE' FTP Command Remote Buffer Overflow Vulnerability

vsftpd '__tzfile_read()' Function Heap Based Buffer Overflow Vulnerability

Take action and discover your vulnerabilities