rPath Security Advisory: 2008-0217-1 Published: 2008-07-08 Products: rPath Linux 1 Rating: Minor Exposure Level Classification: Remote Non-deterministic Denial of Service Updated Versions: vsftpd=conary.rpath.com@rpl:1/2.0.3-13.4-1 rPath Issue Tracking System: https://issues.rpath.com/browse/RPL-2640 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2375 Description: Previous versions of the vsftpd package are vulnerable to a Denial of Service attack in which a remote attacker may be able to trigger excessive memory consumption by performing a large number of invalid authentication attempts. http://wiki.rpath.com/Advisories:rPSA-2008-0217 Copyright 2008 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html