New Search

WU-FTPD "glob-*" Remote DoS Vulnerability (B.11.11)

oval:org.mitre.oval:def:1762

The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters as demonstrated using the dir command.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • HP-UX 11
Class:
vulnerability
Reference(s):
  • CVE-2005-0256
Product(s):
  • ftpd