CVE-2008-7264

Improper Input Validation in pypi/pyftpdlib

Identifiers

GHSA-8p2c-fghc-9hj4, CVE-2008-7264

Package Slug

pypi/pyftpdlib

Vulnerability

Improper Input Validation

Description

The ftp_QUIT function in ftpserver.py in pyftpdlib before 0.5.0 allows remote authenticated users to cause a denial of service (file descriptor exhaustion and daemon outage) by sending a QUIT command during a disallowed data-transfer attempt.

Affected Versions

All versions before 0.5.0

Solution

Upgrade to version 0.5.0 or above.

Last Modified

2022-06-10

source