vsftpd-3.0.5-6.el9_7.2
エラータID: AXSA:2026-050:02
Release date:
Wednesday, January 21, 2026 - 10:23
Subject:
vsftpd-3.0.5-6.el9_7.2
Affected Channels:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
The vsftpd packages include a Very Secure File Transfer Protocol (FTP) daemon, which is used to serve files over a network.
Security Fix(es):
* vsftpd: vsftpd: Denial of service via integer overflow in ls command parameter parsing (CVE-2025-14242)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2025-14242
A flaw was found in vsftpd. This vulnerability allows a denial of service (DoS) via an integer overflow in the ls command parameter parsing, triggered by a remote, authenticated attacker sending a crafted STAT command with a specific byte sequence.
Solution:
Update packages.
CVEs:
CVE-2025-14242
A flaw was found in vsftpd. This vulnerability allows a denial of service (DoS) via an integer overflow in the ls command parameter parsing, triggered by a remote, authenticated attacker sending a crafted STAT command with a specific byte sequence.
A flaw was found in vsftpd. This vulnerability allows a denial of service (DoS) via an integer overflow in the ls command parameter parsing, triggered by a remote, authenticated attacker sending a crafted STAT command with a specific byte sequence.
Additional Info:
N/A
Download:
SRPMS
- vsftpd-3.0.5-6.el9_7.2.src.rpm
MD5: 0004399436a6eee6bb68be5c50856985
SHA-256: 782c54916de6ab9573abdb27f51cfd479dfa8a553773df9d514dd009a4137704
Size: 301.06 kB
Asianux Server 9 for x86_64
- vsftpd-3.0.5-6.el9_7.2.x86_64.rpm
MD5: ffc55730e6149085f104b30b05035be2
SHA-256: 253e3bc5c5837c25feb7f6fbb8bcfd3e44086b893548fed1e35f542c304f6d3b
Size: 168.02 kB