Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0256

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-0256
Last Modified 07 Mar 2011 12:00:00
Published 02 May 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0256

Summary

The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command.

Vulnerable Systems

Application

  • Washington University Wu-ftpd 2.6.1

  • Washington University Wu-ftpd 2.6.2


References

DEBIAN - DSA-705

VUPEN - ADV-2006-1271

VUPEN - ADV-2005-0588

OSVDB - 14203

IDEFENSE - 20050225 WU-FTPD File Globbing Denial of Service Vulnerability

SUNALERT - 57795

SUNALERT - 101699

SECUNIA - 19561

SECUNIA - 18210

SECUNIA - 14411

HP - HPSBUX02110

HP - SSRT061110

SCO - SCOSA-2005.63


Last Updated: 27 May 2016 10:39:44