oss-sec mailing list archives

Re: vsftpd CVE-2007-5962 (Red Hat / Fedora specific)

From: Josh Bressers <bressers () redhat com>
Date: Wed, 21 May 2008 15:58:37 -0400

On 21 May 2008, Jonathan Smith wrote:

Tomas Hoger wrote:

This is just a heads-up.  We are releasing updated vsftpd packages
containing a fix for a minor memory leak identified by CVE-2007-5962.


The memory leak itself is CVE-2007-5962? Or is the CVE for the original
issue where deny_hosts didn't work as expected? It doesn't seem to be
public.


The leak is CVE-2007-5962.  deny_hosts not working did not get a CVE id.

-- 
    JB

Current thread:

vsftpd CVE-2007-5962 (Red Hat / Fedora specific) Tomas Hoger (May 21)
- Re: vsftpd CVE-2007-5962 (Red Hat / Fedora specific) Jonathan Smith (May 21)
  - Re: vsftpd CVE-2007-5962 (Red Hat / Fedora specific) Josh Bressers (May 21)
    - Re: vsftpd CVE-2007-5962 (Red Hat / Fedora specific) Steven M. Christey (May 21)
    - Re: vsftpd CVE-2007-5962 (Red Hat / Fedora specific) Jonathan Smith (May 21)