CVE-2011-0762

EPSS 45.3%

vsftpd - denial of service

Published: 3/2/2011Modified: 4/28/2026

Description

The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632.

Affected packages (2)

Debian/vsftpdfrom 0, < 2.3.4-1
Debian/vsftpdfrom 0, < 2.3.2-3+squeeze2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-0762