Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in pyftpdlib
Moderate severity
GitHub Reviewed
Published
May 2, 2022
to the GitHub Advisory Database
•
Updated Oct 14, 2024
Description
Published by the National Vulnerability Database
Oct 19, 2010
Published to the GitHub Advisory Database
May 2, 2022
Reviewed
Jun 17, 2022
Last updated
Oct 14, 2024
Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.1 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, a different vulnerability than CVE-2010-3494.
References