Vsftpd '__tzfile_read()' Function Heap Based Buffer Overflow Vulnerability Network Vulnerability

Summary

vsftpd is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user- supplied data. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of- service conditions. vsftpd 2.3.4 is affected other versions may also be vulnerable.

References

http://dividead.wordpress.com/tag/heap-overflow/
http://vsftpd.beasts.org/
http://www.securityfocus.com/bid/51013

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P

Related Vulnerabilities

WarFTPD Multiple Format String Vulnerabilities
XM Easy Personal FTP Server 'LIST' And 'NLST' Command DoS Vulnerability
Surge-FTP Admin Multiple Reflected Cross-site Scripting Vulnerabilities
TypSoft FTP STOR/RETR DoS
QuickShare File Share FTP Server Directory Traversal Vulnerability

vsftpd '__tzfile_read()' Function Heap Based Buffer Overflow Vulnerability

Take action and discover your vulnerabilities