OVAL Repository - View Definition: oval:org.mitre.oval:def:1333

Open Vulnerability and Assessment Language (OVAL)

News — July 2, 2009

OVAL Repository > View Definition

View Definition

NEW SEARCH : BACK

Definition Id: oval:org.mitre.oval:def:1333		Date: 2007-09-13
Title:	WU-FTPD "glob-*" Remote DoS Vulnerability (B.11.00)
Description:	The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command.
Version:	2	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2005-0256
Family:	unix
Platform(s):	HP-UX 11	Product(s):	ftpd
Definition Synopsis:
700 Series or 800 Series OS Release 11.00 700 Series OS Release 11.00 700-series HP AND HP Release B.11.00 OR 800 Series OS Release 11.00 800-series HP AND HP Release B.11.00 AND INETSVCS-RUN without patch PHNE_34543 or later, OR WUFTP-26.INETSVCS-FTP with version less than B.11.11.01.006 is installed INETSVCS-RUN without patch PHNE_34543 or later InternetSrvcs.INETSVCS-RUN is installed AND NOT Patch PHNE_34543 is installed OR WUFTP-26.INETSVCS-FTP with version less than B.11.11.01.006 is installed

NEW SEARCH : BACK

Section Contents
About the Repository
Authoring Style Guide
Submission Guidelines
OVAL Definition Lifecycle
Statement of CVE Compatibility
Top Contributor Awards
Other Repositories
Join Repository Forum
Forum Archives
Terms of Use


	OVAL is sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security. The OVAL Web site is hosted by The MITRE Corporation. Copyright 2002-2009, The MITRE Corporation. All rights reserved. OVAL and the OVAL logo are registered trademarks of The MITRE Corporation. Contact oval@mitre.org for more information.	Privacy policy Terms of use