Date Disclosed:
9/11/2013
Date Patched:
No patch available.
Vendor:
ProFTPd
Affected Software:
A vulnerability within ProFTPd can be triggered when handling specially crafted TCP packets, causing a denial of service condition. This occurs during authentication.
Severity:
Moderate
Code Execution:
No.
Impact:
Exploitation of this vulnerability will render the service on the affected system unresponsive while the memory of the system is exhausted. Attackers can continue sending malicious payloads to continue the denial of service condition indefinitely.Mitigation:
Deactivate the use of keyboard interactive authentication.
Protection:
BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.
Status:
2013-09-11: Original Disclosure
9/11/2013
Date Patched:
No patch available.
Vendor:
ProFTPd
Affected Software:
ProFTPd 1.3.4d and prior
ProFTPd 1.3.5rc3 and prior
Description:A vulnerability within ProFTPd can be triggered when handling specially crafted TCP packets, causing a denial of service condition. This occurs during authentication.
Severity:
Moderate
Code Execution:
No.
Impact:
Denial of Service
Deactivate the use of keyboard interactive authentication.
Protection:
BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.
- 30703 - ProFTPD Denial of Service (Zero-Day)
Status:
2013-09-11: Original Disclosure
0 nhận xét:
Đăng nhận xét