CVE-2007-5962 - Blasting Juries


Memory leak in a certain Red Hat patch applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8 and on Foresight Linux and rPath appliances allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands as demonstrated by an attack on a daemon with the deny_file configuration option.