GLSA-200407-04 : Pure-FTPd: Potential DoS when maximum connections is reached
Medium Nessus Plugin ID 14537
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200407-04 (Pure-FTPd: Potential DoS when maximum connections is reached)
Pure-FTPd contains a bug in the accept_client function handling the setup of new connections.
When the maximum number of connections is reached an attacker could exploit this vulnerability to perform a Denial of Service attack.
There is no known workaround at this time. All users are encouraged to upgrade to the latest available version.
SolutionAll Pure-FTPd users should upgrade to the latest stable version:
# emerge sync # emerge -pv '>=net-ftp/pure-ftpd-1.0.18-r1' # emerge '>=net-ftp/pure-ftpd-1.0.18-r1'