Intrusion Prevention

Vsftpd.Heavy.Load.DoS

Description

This indicates an attack attempt against a denial-of-service vulnerability in vsftpd.
The vulnerability is caused by an error when the vulnerable software handles a large number of incoming TCP connections. It allows a remote attacker to a race condition on the target FTP server.

Affected Products

Vsftpd Vsftpd 1.2.1

Impact

Denial of service

Recommended Actions

Upgrade to the latest version of vsftpd (1.2.2 or later):
http://vsftpd.beasts.org/

CVE References

CVE-2004-2259