CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2019-20176

HIGH
7.5
CVSS Severity Score
EPSS Score0.0140%
EPSS Percentile21.55th
Published2019年12月31日
Last Modified2024年11月21日

Vulnerability Description

In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the listdir function in ls.c.

Affected Platforms (CPE)

📦
Pureftpd

Pure Ftpd

= 1.0.49
💻
Fedoraproject

Fedora

= 30
💻
Fedoraproject

Fedora

= 31

References & Advisories

🔗 https://github.com/jedisct1/pure-ftpd/commit/aea56f4bcb9948d456f3fae4d044fd3fa2e19706
🔗 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AHZG5FPCRMCB6Z3L7FPICC6BZ5ZATFTO/
🔗 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PICL3U2J4EPGBLOE555Y5RAZTQL3WBBV/
🔗 https://github.com/jedisct1/pure-ftpd/commit/aea56f4bcb9948d456f3fae4d044fd3fa2e19706
🔗 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AHZG5FPCRMCB6Z3L7FPICC6BZ5ZATFTO/
🔗 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PICL3U2J4EPGBLOE555Y5RAZTQL3WBBV/

相關漏洞威脅

CVE-2017-121709.8

Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configur...

CVE-2020-92747.5

An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked lis...

CVE-2020-353597.5

Pure-FTPd 1.0.48 allows remote attackers to prevent legitimate server use by making enough connections to exceed the connection li...

CVE-2020-93657.5

An issue was discovered in Pure-FTPd 1.0.49. An out-of-bounds (OOB) read has been detected in the pure_strcmp function in utils.c.