/
PYSEC-2010-8.yaml
37 lines (37 loc) · 1.13 KB
/
PYSEC-2010-8.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
id: PYSEC-2010-8
details: Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before
0.5.2 allows remote attackers to cause a denial of service (daemon outage) by establishing
and then immediately closing a TCP connection, leading to the getpeername function
having an ENOTCONN error, a different vulnerability than CVE-2010-3494.
affected:
- package:
name: pyftpdlib
ecosystem: PyPI
purl: pkg:pypi/pyftpdlib
ranges:
- type: ECOSYSTEM
events:
- introduced: "0"
- fixed: 0.5.2
versions:
- 0.2.0
- 0.3.0
- 0.4.0
- 0.5.0
- 0.5.1
references:
- type: WEB
url: http://code.google.com/p/pyftpdlib/issues/detail?id=100
- type: WEB
url: http://code.google.com/p/pyftpdlib/source/browse/trunk/HISTORY
- type: WEB
url: http://code.google.com/p/pyftpdlib/source/diff?spec=svn543&r=543&format=side&path=/trunk/pyftpdlib/ftpserver.py
- type: WEB
url: http://code.google.com/p/pyftpdlib/source/detail?r=543
- type: ADVISORY
url: https://github.com/advisories/GHSA-62xg-239j-vxg7
aliases:
- CVE-2009-5011
- GHSA-62xg-239j-vxg7
modified: "2021-07-05T00:01:24.787287Z"
published: "2010-10-19T20:00:00Z"