This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200407-04
(Pure-FTPd: Potential DoS when maximum connections is reached)
Pure-FTPd contains a bug in the accept_client function handling the
setup of new connections.
When the maximum number of connections is reached an attacker could
exploit this vulnerability to perform a Denial of Service attack.
There is no known workaround at this time. All users are encouraged to
upgrade to the latest available version.
See also :
All Pure-FTPd users should upgrade to the latest stable version:
# emerge sync
# emerge -pv '>=net-ftp/pure-ftpd-1.0.18-r1'
# emerge '>=net-ftp/pure-ftpd-1.0.18-r1'
Risk factor :
Medium / CVSS Base Score : 5.0
Family: Gentoo Local Security Checks
Nessus Plugin ID: 14537 (gentoo_GLSA-200407-04.nasl)
CVE ID: CVE-2004-0656