Vulnerability Name:

CVE-2011-0418 (CCN-67230)

Assigned:2011-05-02
Published:2011-05-02
Updated:2011-09-22
Summary:The glob implementation in Pure-FTPd before 1.0.32, and in libc in NetBSD 5.1, does not properly expand expressions containing curly brackets, which allows remote authenticated users to cause a denial of service (memory consumption) via a crafted FTP STAT command.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P)
3.3 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P/E:F/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
4.1 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:F/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-20
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2011-0418

Source: CONFIRM
Type: Patch
http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/glob.c#rev1.28

Source: CONFIRM
Type: Patch
http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/glob.c.diff?r1=1.27&r2=1.28&f=h

Source: CCN
Type: NetBSD-SA2010-008
sftp(1)/ftp(1)/glob(3) related resource exhaustion

Source: CCN
Type: SA44392
NetBSD GLOB_LIMIT Resource Exhaustion Denial of Service

Source: CCN
Type: SA52025
FreeBSD ftpd GLOB_LIMIT Resource Exhaustion Denial of Service

Source: CCN
Type: SecurityReason SecurityAlert : 97
Multiple Vendors libc/glob(3) GLOB_BRACE|GLOB_LIMIT memory exhaustion

Source: SREASONRES
Type: Exploit
20110502 Multiple Vendors libc/glob(3) GLOB_BRACE|GLOB_LIMIT memory exhaustion

Source: SREASON
Type: UNKNOWN
8228

Source: CCN
Type: GNU C Library Web page
GNC C Library - GNU Project - Free Software Foundation (FSF)

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2011:094

Source: CCN
Type: OSVDB ID: 72176
NetBSD libc GLOB_LIMIT Resource Exhaustion DoS

Source: CCN
Type: OSVDB ID: 74379
OpenBSD libc glob GLOB_APPEND / GLOB_DOOFFS Flags Crafted String Multiple Overflows

Source: CONFIRM
Type: UNKNOWN
http://www.pureftpd.org/project/pure-ftpd/news

Source: BID
Type: Exploit
47671

Source: CCN
Type: BID-47671
GNU libc glob(3) 'pattern' Remote Denial of Service Vulnerability

Source: VUPEN
Type: Vendor Advisory
ADV-2011-1273

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=704283

Source: XF
Type: UNKNOWN
multiple-pattern-dos(67230)

Source: CCN
Type: Packet Storm Security [02-02-2013]
FreeBSD 9.1 ftpd Remote Denial Of Service

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [02-03-2013]

Vulnerable Configuration:Configuration 1:
  • cpe:/a:pureftpd:pure-ftpd:0.90:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.91:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.92:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.93:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.94:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.95:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.95-pre1:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.95-pre2:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.95-pre3:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.95-pre4:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.95.1:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.95.2:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.96:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.96.1:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.96pre1:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.97-final:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.97.1:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.97.2:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.97.3:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.97.4:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.97.5:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.97.6:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.97.7:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.97.7pre1:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.97.7pre2:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.97.7pre3:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.97pre1:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.97pre2:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.97pre3:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.97pre4:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.97pre5:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.98-final:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.98.1:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.98.2:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.98.2a:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.98.3:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.98.4:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.98.5:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.98.6:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.98.7:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.98pre1:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.98pre2:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.99:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.99.1:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.99.1a:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.99.1b:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.99.2:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.99.2a:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.99.3:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.99.4:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.99.9:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.99a:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.99b:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.99pre1:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:0.99pre2:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.13a:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.15:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.16a:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.16b:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.16c:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.17:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.17a:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.18:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.19:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.20:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.21:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.22:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.24:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.25:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.26:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.27:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.28:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.29:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:1.0.30:*:*:*:*:*:*:*
  • OR cpe:/a:pureftpd:pure-ftpd:*:*:*:*:*:*:*:* (Version <= 1.0.31)

    • Configuration 2:
  • cpe:/o:netbsd:netbsd:5.1:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:openbsd:openbsd:*:*:*:*:*:*:*:*
  • OR cpe:/o:netbsd:netbsd:5.1:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:113183
    P
    		pure-ftpd-1.0.43-1.3 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:106604
    P
    		pure-ftpd-1.0.43-1.3 on GA media (Moderate)
    2021-10-01
    oval:com.ubuntu.precise:def:20110418000
    V
    		CVE-2011-0418 on Ubuntu 12.04 LTS (precise) - medium.
    2011-05-24
    BACK
    pureftpd pure-ftpd 0.90
    pureftpd pure-ftpd 0.91
    pureftpd pure-ftpd 0.92
    pureftpd pure-ftpd 0.93
    pureftpd pure-ftpd 0.94
    pureftpd pure-ftpd 0.95
    pureftpd pure-ftpd 0.95-pre1
    pureftpd pure-ftpd 0.95-pre2
    pureftpd pure-ftpd 0.95-pre3
    pureftpd pure-ftpd 0.95-pre4
    pureftpd pure-ftpd 0.95.1
    pureftpd pure-ftpd 0.95.2
    pureftpd pure-ftpd 0.96
    pureftpd pure-ftpd 0.96.1
    pureftpd pure-ftpd 0.96pre1
    pureftpd pure-ftpd 0.97-final
    pureftpd pure-ftpd 0.97.1
    pureftpd pure-ftpd 0.97.2
    pureftpd pure-ftpd 0.97.3
    pureftpd pure-ftpd 0.97.4
    pureftpd pure-ftpd 0.97.5
    pureftpd pure-ftpd 0.97.6
    pureftpd pure-ftpd 0.97.7
    pureftpd pure-ftpd 0.97.7pre1
    pureftpd pure-ftpd 0.97.7pre2
    pureftpd pure-ftpd 0.97.7pre3
    pureftpd pure-ftpd 0.97pre1
    pureftpd pure-ftpd 0.97pre2
    pureftpd pure-ftpd 0.97pre3
    pureftpd pure-ftpd 0.97pre4
    pureftpd pure-ftpd 0.97pre5
    pureftpd pure-ftpd 0.98-final
    pureftpd pure-ftpd 0.98.1
    pureftpd pure-ftpd 0.98.2
    pureftpd pure-ftpd 0.98.2a
    pureftpd pure-ftpd 0.98.3
    pureftpd pure-ftpd 0.98.4
    pureftpd pure-ftpd 0.98.5
    pureftpd pure-ftpd 0.98.6
    pureftpd pure-ftpd 0.98.7
    pureftpd pure-ftpd 0.98pre1
    pureftpd pure-ftpd 0.98pre2
    pureftpd pure-ftpd 0.99
    pureftpd pure-ftpd 0.99.1
    pureftpd pure-ftpd 0.99.1a
    pureftpd pure-ftpd 0.99.1b
    pureftpd pure-ftpd 0.99.2
    pureftpd pure-ftpd 0.99.2a
    pureftpd pure-ftpd 0.99.3
    pureftpd pure-ftpd 0.99.4
    pureftpd pure-ftpd 0.99.9
    pureftpd pure-ftpd 0.99a
    pureftpd pure-ftpd 0.99b
    pureftpd pure-ftpd 0.99pre1
    pureftpd pure-ftpd 0.99pre2
    pureftpd pure-ftpd 1.0.0
    pureftpd pure-ftpd 1.0.1
    pureftpd pure-ftpd 1.0.2
    pureftpd pure-ftpd 1.0.3
    pureftpd pure-ftpd 1.0.4
    pureftpd pure-ftpd 1.0.5
    pureftpd pure-ftpd 1.0.6
    pureftpd pure-ftpd 1.0.7
    pureftpd pure-ftpd 1.0.8
    pureftpd pure-ftpd 1.0.9
    pureftpd pure-ftpd 1.0.10
    pureftpd pure-ftpd 1.0.11
    pureftpd pure-ftpd 1.0.12
    pureftpd pure-ftpd 1.0.13a
    pureftpd pure-ftpd 1.0.14
    pureftpd pure-ftpd 1.0.15
    pureftpd pure-ftpd 1.0.16a
    pureftpd pure-ftpd 1.0.16b
    pureftpd pure-ftpd 1.0.16c
    pureftpd pure-ftpd 1.0.17
    pureftpd pure-ftpd 1.0.17a
    pureftpd pure-ftpd 1.0.18
    pureftpd pure-ftpd 1.0.19
    pureftpd pure-ftpd 1.0.20
    pureftpd pure-ftpd 1.0.21
    pureftpd pure-ftpd 1.0.22
    pureftpd pure-ftpd 1.0.24
    pureftpd pure-ftpd 1.0.25
    pureftpd pure-ftpd 1.0.26
    pureftpd pure-ftpd 1.0.27
    pureftpd pure-ftpd 1.0.28
    pureftpd pure-ftpd 1.0.29
    pureftpd pure-ftpd 1.0.30
    pureftpd pure-ftpd *
    netbsd netbsd 5.1
    openbsd openbsd *
    netbsd netbsd 5.1