Vulnerabilities > CVE-2009-5013 - Resource Management Errors vulnerability in G.Rodola Pyftpdlib

CVSS 4.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

g-rodola

CWE-399

nessus

NVD

Published: 2010-10-19

Updated: 2010-10-20

Summary

Memory leak in the on_dtp_close function in ftpserver.py in pyftpdlib before 0.5.2 allows remote authenticated users to cause a denial of service (memory consumption) by sending a QUIT command during a data transfer.

Vulnerable Configurations

Part	Description	Count
Application	G.Rodola G.Rodola Pyftpdlib 0.1 G.Rodola Pyftpdlib 0.1.1 G.Rodola Pyftpdlib 0.2.0 G.Rodola Pyftpdlib 0.3.0 G.Rodola Pyftpdlib 0.4.0 G.Rodola Pyftpdlib 0.5.0 G.Rodola Pyftpdlib *	7

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Nessus

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2010-16731.NASL
description	- Tue Oct 26 2010 Silas Sewell <silas at sewell.ch> - 0.5.2-1 - Update to 0.5.2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	50482
published	2010-11-05
reporter	This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/50482
title	Fedora 12 : pyftpdlib-0.5.2-1.fc12 (2010-16731)

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

References