id: CVE-2019-20176 info: name: Pure-FTPd < 1.0.50 - DoS via Resource Exhaustion author: pussycat0x severity: high description: | Pure-FTPd versions prior to 1.0.50 are vulnerable to resource exhaustion leading to denial of service. The vulnerability occurs in the listdir() function when processing crafted LIST commands, causing stack exhaustion that can crash the FTP server. impact: | Unauthenticated attackers can send crafted LIST commands to exhaust stack resources in the listdir() function, causing denial of service by crashing the Pure-FTPd server. remediation: | Update Pure-FTPd to version 1.0.50 or later that properly handles LIST command processing and prevents stack exhaustion vulnerabilities. reference: - https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AHZG5FPCRMCB6Z3L7FPICC6BZ5ZATFTO/ - https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PICL3U2J4EPGBLOE555Y5RAZTQL3WBBV/ classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H cvss-score: 7.5 cve-id: CVE-2019-20176 cwe-id: CWE-400 epss-score: 0.10784 epss-percentile: 0.93486 cpe: cpe:2.3:a:pureftpd:pure-ftpd:1.0.49:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: pureftpd product: pure-ftpd shodan-query: - product:"pure-ftpd" version:"1.0.45" - cpe:"cpe:2.3:a:pureftpd:pure-ftpd" tags: cve,cve2019,network,ftp,pure-ftpd,tcp,passive,vuln tcp: - inputs: - data: 00000000 type: hex host: - "{{Hostname}}" port: 21 read-size: 1024 matchers: - type: dsl dsl: - "contains(raw, 'Pure-FTPd')" - "compare_versions(version, '< 1.0.50')" condition: and extractors: - type: regex group: 1 name: version regex: - "Pure-FTPd ([0-9.]+)" # digest: 4a0a00473045022100b4242be104a937b2197e235689ae3232cc2fcdb0507f26266b72b78d8dbb5c700220667efd01e2948f1c86966a032a5cc116fd5b17c084c4450b2af208b6d2a1c080:922c64590222798bb761d5b6d8e72950