QwikSec

Security Database

CVE

CWE

Training

CVE-2010-2632

Published: Jan 19, 2011

Modified: Aug 7, 2024

PUBLISHED

Description

Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the glob implementation in libc that allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

third-party-advisory

x_refsource_SECUNIA

20101007 Multiple Vendors libc/glob(3) resource exhaustion (+0day remote ftpd-anon)

third-party-advisory

x_refsource_SREASONRES

third-party-advisory

x_refsource_SECUNIA

solaris-ftp-dos(64798)

vdb-entry

x_refsource_XF

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10598

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

https://support.avaya.com/css/P8/documents/100127892

x_refsource_CONFIRM

20110502 Multiple Vendors libc/glob(3) GLOB_BRACE|GLOB_LIMIT memory exhaustion

third-party-advisory

x_refsource_SREASONRES

vdb-entry

x_refsource_SECTRACK

vdb-entry

x_refsource_VUPEN

http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.