CVE-2011-0762
Published: 2 March 2011
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632.
Notes
Author | Note |
---|---|
mdeslaur | PoC: http://www.exploit-db.com/exploits/16270/ PoC: http://cxib.net/stuff/vspoc232.c |