Detections
Analytics
Fedora 13 : vsftpd-2.3.4-1.fc13 (2011-2615)
medium Nessus Plugin ID 52663
Language:
Synopsis
The remote Fedora host is missing a security update.Description
- Thu Mar 3 2011 Jiri Skala <jskala at redhat.com> - 2.3.4-1- update to latest upstream 2.3.4
- fixes #681935 - CVE-2011-0762 vsftpd: remote DoS via crafted glob pattern
- Mon May 17 2010 Jiri Skala <jskala at redhat.com> - 2.2.2-7
- when listen_ipv6=YES sets socket option to listen IPv6 only
- Fri May 14 2010 Jiri Skala <jskala at redhat.com> - 2.2.2-6
- syscall(__NR_clone) replaced by clone() to fix incorrect order of params on s390 arch
- Wed Apr 7 2010 Jiri Skala <jskala at redhat.com> - 2.2.2-5
- corrected daemonize_plus patch - don't try kill parent when vsftpd isn't daemonized
- Tue Mar 16 2010 Jiri Skala <jskala at redhat.com> - 2.2.2-4
- fixes #544251 - /etc/rc.d/init.d/vsftpd does not start more than one daemon
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected vsftpd package.See Also
Plugin Details
Severity: Medium
ID: 52663
File Name: fedora_2011-2615.nasl
Version: 1.12
Type: local
Agent: unix
Family: Fedora Local Security Checks
Published: 3/15/2011
Updated: 1/11/2021
Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: Medium
Base Score: 4
Temporal Score: 3.1
Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P
Vulnerability Information
CPE: p-cpe:/a:fedoraproject:fedora:vsftpd, cpe:/o:fedoraproject:fedora:13
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 3/4/2011
Reference Information
CVE: CVE-2011-0762
BID: 46617
FEDORA: 2011-2615