Intrusion Prevention

Vsftpd.Heavy.Load.Handling.DoS

Description

This indicates an attack attempt against a Denial-Of-Service vulnerability in vsftpd.
The vulnerability is caused by an error when the vulnerable software handles a large number of incoming TCP connections. It allows a remote attacker to cause a race condition error on a targeted FTP server.

Affected Products

Vsftpd Vsftpd 1.2.1

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Upgrade to the latest version of vsftpd (1.2.2 or later):
http://vsftpd.beasts.org/

CVE References

CVE-2004-2259