vsftpd software vulnerabilities
vulnerabilities.aspcode.net
Searching vsftpd software vulnerabilities
vsftpd 1.1.3 generates different error messages
vsftpd
|
vsftpd 1.1.3 generates different error messages depending on whether or not a valid username exists, which allows remote attackers to identify valid usernames.
vsftpd before 1.2.2, when under heavy load, all
before
|
vsftpd
|
vsftpd before 1.2.2, when under heavy load, allows attackers to cause a denial of service (crash) via a SIGCHLD signal during a malloc or free call, which is not re-entrant.
Unspecified vulnerability in the SQL logging fa
vulnerability
|
Unspecified
|
PAM-MySQL
|
facility
|
logging
|
before
|
06x
|
SQL
|
Unspecified vulnerability in the SQL logging facility in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors, probably involving the pam_mysql_sql_log function when being used in vsftpd, which does not include the IP address argument to an sprintf call.
BlockHosts before 2.0.4 does not properly parse
BlockHosts
|
before
|
BlockHosts before 2.0.4 does not properly parse (1) sshd and (2) vsftpd log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by connecting through ssh with a client protocol version identification containing an IP address string, or connecting through ftp with a username containing an IP address string, different vectors than CVE-2007-2765.
Software vulnerabilities results 1 to 5 of 5
Page:
1