USN-1098-1: vsftpd vulnerability
29 March 2011
An attacker could send crafted input to vsftpd and cause it to crash.
- vsftpd - lightweight, efficient FTP server written for security
It was discovered that vsftpd incorrectly handled certain glob expressions.
A remote authenticated user could use a crafted glob expression to cause
vftpd to consume all resources, leading to a denial of service.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.