Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, a related issue to CVE-2010-3492.
Software | From | Fixed in |
---|---|---|
g.rodola / pyftpdlib | - | 0.5.1.x |
g.rodola / pyftpdlib | 0.1 | 0.1.x |
g.rodola / pyftpdlib | 0.1.1 | 0.1.1.x |
g.rodola / pyftpdlib | 0.2.0 | 0.2.0.x |
g.rodola / pyftpdlib | 0.3.0 | 0.3.0.x |
g.rodola / pyftpdlib | 0.4.0 | 0.4.0.x |
g.rodola / pyftpdlib | 0.5.0 | 0.5.0.x |
![]() |
- | 0.5.2 |