CNNVD-202601-2404 Information
Jan 14, 2026
cve
CNNVD ID
CNNVD-202601-2404
Related CVE
- CNNVD Published: 2026-01-14
Description (Chinese)
vsftpd是Chris Evans个人开发者的一个FTP服务器。 vsftpd存在安全漏洞,该漏洞源于解析ls命令参数时存在整数溢出,可能导致远程经过身份验证的攻击者通过发送特制的STAT命令触发拒绝服务攻击。
Description (English)
vsftpd is an FTP server for Chris Evans personal developers. There is a security loophole in vsftpd, which stems from the integer spill at the time of the resolution of the ls command parameters, which may result in a remote, identified assailant triggering a denial of service attack by sending a specially designed STAT order.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2026-01-14
Last Modified
2026-02-24
References
https://access.redhat.com/errata/RHSA-2026:0605 https://access.redhat.com/errata/RHSA-2026:0606 https://access.redhat.com/errata/RHSA-2026:0608 https://access.redhat.com/security/cve/CVE-2025-14242 https://bugzilla.redhat.com/show_bug.cgi?id=2419826