CVE-2008-7263

Improper Authentication in pypi/pyftpdlib

Identifiers

GHSA-q6w2-jxcm-2crj, CVE-2008-7263

Package Slug

pypi/pyftpdlib

Vulnerability

Improper Authentication

Description

ftpserver.py in pyftpdlib before 0.5.0 does not delay its response after receiving an invalid login attempt, which makes it easier for remote attackers to obtain access via a brute-force attack.

Affected Versions

All versions before 0.5.0

Solution

Upgrade to version 0.5.0 or above.

Last Modified

2022-06-10

source