Description of problem: "Multiple Vendors libc/glob(3) Resource Exhaustion (+0day remote ftpd-anon)" Version-Release number of selected component (if applicable): Affects FTPd. Please read details in http://www.exploit-db.com/exploits/15215/ How reproducible: Steps to Reproduce: 1. 2. 3.
Depends on: (none) => 908
CC: (none) => miscBlocks: (none) => 908Depends on: 908 => (none)
The referenced report is about BSD ftpd and BSD libc, neither of which is packaged in Mageia AFAIK. Closing as invalid. If you think this is incorrect, reopen this bug *and* provide more information.
Status: NEW => RESOLVEDCC: (none) => cjwResolution: (none) => INVALID
Seems pure-ftpd is affected : http://www.pureftpd.org/project/pure-ftpd/news "Support for braces expansion in directory listings has been disabled รข Cf. CVE-2011-0418" Mandriva has updated the package to 1.0.32, see MDVSA-2011:094 Gentoo updated it : http://bugs.gentoo.org/365751 Fedora didn't yet : https://bugzilla.redhat.com/show_bug.cgi?id=704283
Status: RESOLVED => REOPENEDResolution: INVALID => (none)Source RPM: (none) => pure-ftpd
pure-ftpd is now updated in cauldron.
Status: REOPENED => RESOLVEDCC: (none) => dmorganecResolution: (none) => FIXED