This script is Copyright (C) 2004-2015 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200403-08
(oftpd DoS vulnerability)
Issuing a port command with a number higher than 255 causes the server
to crash. The port command may be issued before any authentication
takes place, meaning the attacker does not need to know a valid
username and password in order to exploit this vulnerability.
This exploit causes a denial of service.
While a workaround is not currently known for this issue, all users are
advised to upgrade to the latest version of the affected package.
See also :
All users should upgrade to the current version of the affected
# emerge sync
# emerge -pv '>=net-ftp/oftpd-0.3.7'
# emerge '>=net-ftp/oftpd-0.3.7'
Risk factor :
Medium / CVSS Base Score : 5.0
Family: Gentoo Local Security Checks
Nessus Plugin ID: 14459 (gentoo_GLSA-200403-08.nasl)
CVE ID: CVE-2004-0376
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.