Vulnerabilities > CVE-2003-0135 - Unspecified vulnerability in Redhat Linux 9.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
redhat
NVD
Published: 2003-04-11
Updated: 2017-10-11

Summary

vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which inadvertently prevents vsftpd from restricting access as intended.

Vulnerable Configurations

Part Description Count
OS
Redhat
1

Oval

accepted2010-09-20T04:00:33.393-04:00
classvulnerability
contributors
  • nameJay Beale
    organizationBastille Linux
  • nameJay Beale
    organizationBastille Linux
  • nameThomas R. Jones
    organizationMaitreya Security
  • nameJonathan Baker
    organizationThe MITRE Corporation
descriptionvsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which inadvertently prevents vsftpd from restricting access as intended.
familyunix
idoval:org.mitre.oval:def:634
statusaccepted
submitted2003-08-11T12:00:00.000-04:00
titlevsftpd Fails to Integrate with TCP Wrappers
version41

Redhat

advisories
rhsa
idRHSA-2003:084

References