Denial of Service Vulnerability in vsftpd FTP Server by Versatile Systems, Inc.
CVE-2011-0762
Currently unrated
Key Information:
- Vendor: Vsftpd Project
- Status
- Vendor
- CVE Published: 2 March 2011
Badges
👾 Exploit Exists | 🟡 Public PoC | 🟣 EPSS 38%
What is CVE-2011-0762?
The vsftpd FTP server, version 2.3.2 and earlier, is vulnerable to a denial-of-service attack. Remote authenticated users can exhaust CPU resources and process slots by sending carefully constructed glob expressions in the STAT command, potentially disrupting service. When this is done across multiple FTP sessions simultaneously, the server may become unresponsive, affecting legitimate users and operational efficiency. Users of affected versions should apply updates or patches to mitigate this issue.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that a vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.