
CVE-2011-0762 Scanner
CVE-2011-0762 Scanner - Denial of Service (DoS) vulnerability in vsftpd
Short Info
Level
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 11 days 16 hours
Scan only one: Domain, Subdomain, IPv4
Toolbox: -
vsftpd is a popular FTP server used in various UNIX-based systems. It is known for its simplicity and security features, which make it a preferred choice for small to medium-sized FTP server setups. System administrators often deploy vsftpd to facilitate secure file transfers over FTP on production servers. The software is designed to handle a multitude of concurrent connections without compromising performance. Being open-source, it allows for thorough scrutiny and enhancement by the community. vsftpd is widely recognized for its robustness and is often employed in environments that prioritize security.
Denial of Service (DoS) vulnerabilities are critical because they can render a system unavailable to legitimate users. In this case, vsftpd before version 2.3.3 allows remote authenticated users to cause a denial of service via crafted glob expressions. Exploitation involves sending crafted commands that strain system resources, resulting in CPU exhaustion. The vulnerability therefore affects server performance and availability for authorized tasks. Remediation is crucial, as leaving it unaddressed could make the FTP service unreliable.
The vulnerability is located in the vsf_filename_passes_filter function in ls.c in vsftpd. Attackers exploit it by sending crafted STAT commands across multiple FTP sessions. These commands consume extensive CPU resources and exhaust process slots, hindering the server's ability to process legitimate requests. The attacker effectively saturates the system's processing capacity, leading to degraded server performance and potential downtime. This vulnerability is distinct from the similar issue tracked as CVE-2010-2632.
If exploited, this vulnerability can have significant ramifications on the affected systems. It can lead to increased CPU usage and depletion of process slots, making the server sluggish or entirely unresponsive to legitimate users. Such impairment undermines the reliability of the FTP services, potentially interrupting automated tasks and preventing users from accessing their required files. In severe cases, it can result in service outages that might require server reboots or service restarts to resolve. Persistent exploitation could also facilitate further attacks through prolonged system strain.
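For asset owners triaging their own servers, the following added example (not part of the scanner or of the original page) classifies an FTP greeting banner against the 2.3.3 fix version stated above. The function names, result labels and sample banners are assumptions constructed for illustration. A banner match is only a first-pass signal: distributions may backport the fix without changing the version string, and a custom ftpd_banner setting hides the version entirely.

```python
import re
import socket

FIXED = (2, 3, 3)  # first fixed release, per the description above
# Default vsftpd greeting looks like: 220 (vsFTPd 2.3.2)
BANNER_RE = re.compile(r"^220[ -].*\bvsFTPd\s+(\d+(?:\.\d+)*)", re.IGNORECASE)

def parse_vsftpd_version(banner):
    """Return the vsftpd version as a tuple of ints, or None if not advertised."""
    m = BANNER_RE.match(banner.strip())
    if not m:
        return None
    return tuple(int(part) for part in m.group(1).split("."))

def triage(banner):
    """Classify a banner (labels are hypothetical, chosen for this example)."""
    version = parse_vsftpd_version(banner)
    if version is None:
        return "unknown"  # not vsftpd, or banner customized: verify via package manager
    # Pad short versions ("2.3" -> 2.3.0) so the tuple comparison is well defined.
    padded = version + (0,) * (len(FIXED) - len(version))
    return "potentially-affected" if padded < FIXED else "fixed-upstream"

def fetch_banner(host, port=21, timeout=5.0):
    """Read the greeting line from an FTP server you own or are authorized to assess."""
    with socket.create_connection((host, port), timeout=timeout) as conn:
        return conn.recv(1024).decode("ascii", errors="replace")

# Constructed sample banners, not captured from real hosts.
SAMPLES = [
    "220 (vsFTPd 2.3.2)",
    "220 (vsFTPd 2.3.3)",
    "220 (vsFTPd 3.0.5)",
    "220 Welcome to the file transfer service.",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{sample!r:50} -> {triage(sample)}")
```

Hosts reported as potentially-affected or unknown should be confirmed against the installed package version and the vendor's changelog before scheduling the upgrade.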