CVE-2007-6740
published 2010-10-19CVE-2007-6740: The ftp_STOU function in FTPServer.py in pyftpdlib before 0.2.0 does not limit the number of attempts to discover a unique filename, which might allow remote…
PriorityP413medium4CVSS 2.0
AVNACLAuSCNINAP
EPSS
1.16%
63.1th percentile
The ftp_STOU function in FTPServer.py in pyftpdlib before 0.2.0 does not limit the number of attempts to discover a unique filename, which might allow remote authenticated users to cause a denial of service via a STOU command.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | python-pyftpdlib | — | — |
| g.rodola | pyftpdlib | <= 0.1.1 | — |
| g.rodola | pyftpdlib | — | — |
| g.rodola | pyftpdlib | >= 0 < 0.2.0 | 0.2.0 |
CVSS provenance
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:N/I:N/A:P
vendor_debian4.0LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2007-6740: python-pyftpdlib - The ftp_STOU function in FTPServer.py in pyftpdlib before 0.2.0 does not limit t...
vendor_debian·2007·CVSS 4.0
CVE-2007-6740 [MEDIUM] CVE-2007-6740: python-pyftpdlib - The ftp_STOU function in FTPServer.py in pyftpdlib before 0.2.0 does not limit t...
The ftp_STOU function in FTPServer.py in pyftpdlib before 0.2.0 does not limit the number of attempts to discover a unique filename, which might allow remote authenticated users to cause a denial of service via a STOU command.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
GHSA
pyftpdlib vulnerable to allocation of resources without limits
ghsa·2022-05-01
CVE-2007-6740 [HIGH] CWE-770 pyftpdlib vulnerable to allocation of resources without limits
pyftpdlib vulnerable to allocation of resources without limits
The ftp_STOU function in FTPServer.py in pyftpdlib before 0.2.0 does not limit the number of attempts to discover a unique filename, which might allow remote authenticated users to cause a denial of service via a STOU command.
OSV
pyftpdlib vulnerable to allocation of resources without limits
osv·2022-05-01
CVE-2007-6740 [HIGH] pyftpdlib vulnerable to allocation of resources without limits
pyftpdlib vulnerable to allocation of resources without limits
The ftp_STOU function in FTPServer.py in pyftpdlib before 0.2.0 does not limit the number of attempts to discover a unique filename, which might allow remote authenticated users to cause a denial of service via a STOU command.
OSV
CVE-2007-6740: The ftp_STOU function in FTPServer
osv·2010-10-19
CVE-2007-6740 CVE-2007-6740: The ftp_STOU function in FTPServer
The ftp_STOU function in FTPServer.py in pyftpdlib before 0.2.0 does not limit the number of attempts to discover a unique filename, which might allow remote authenticated users to cause a denial of service via a STOU command.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://code.google.com/p/pyftpdlib/issues/detail?id=25http://code.google.com/p/pyftpdlib/source/browse/trunk/HISTORYhttp://code.google.com/p/pyftpdlib/source/detail?r=37http://code.google.com/p/pyftpdlib/source/diff?spec=svn37&r=37&format=side&path=/trunk/pyftpdlib/FTPServer.pyhttp://code.google.com/p/pyftpdlib/issues/detail?id=25http://code.google.com/p/pyftpdlib/source/browse/trunk/HISTORYhttp://code.google.com/p/pyftpdlib/source/detail?r=37http://code.google.com/p/pyftpdlib/source/diff?spec=svn37&r=37&format=side&path=/trunk/pyftpdlib/FTPServer.py
2010-10-19
Published