Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-nvkt-u1z5-s7gh

Summary vsftpd: memory leak when deny_file option is set

Aliases

alias	CVE-2007-5962

Fixed_packages

url	pkg:deb/debian/vsftpd@0?distro=trixie
purl	pkg:deb/debian/vsftpd@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vsftpd@0%3Fdistro=trixie

url pkg:deb/debian/vsftpd@3.0.3-12?distro=trixie

purl pkg:deb/debian/vsftpd@3.0.3-12?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-u8aq-2qhu-gff5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vsftpd@3.0.3-12%3Fdistro=trixie

url pkg:deb/debian/vsftpd@3.0.3-13?distro=trixie

purl pkg:deb/debian/vsftpd@3.0.3-13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-u8aq-2qhu-gff5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vsftpd@3.0.3-13%3Fdistro=trixie

url	pkg:deb/debian/vsftpd@3.0.5-0.2?distro=trixie
purl	pkg:deb/debian/vsftpd@3.0.5-0.2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vsftpd@3.0.5-0.2%3Fdistro=trixie

url	pkg:deb/debian/vsftpd@3.0.5-0.5?distro=trixie
purl	pkg:deb/debian/vsftpd@3.0.5-0.5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vsftpd@3.0.5-0.5%3Fdistro=trixie

Affected_packages

url pkg:rpm/redhat/vsftpd@2.0.5-12?arch=el5

purl pkg:rpm/redhat/vsftpd@2.0.5-12?arch=el5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nvkt-u1z5-s7gh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/vsftpd@2.0.5-12%3Farch=el5

References

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5962.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5962.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-5962

reference_id

reference_type

scores

value	0.1715
scoring_system	epss
scoring_elements	0.94973
published_at	2026-04-01T12:55:00Z

value	0.1715
scoring_system	epss
scoring_elements	0.94982
published_at	2026-04-02T12:55:00Z

value	0.1715
scoring_system	epss
scoring_elements	0.94984
published_at	2026-04-04T12:55:00Z

value	0.1715
scoring_system	epss
scoring_elements	0.94987
published_at	2026-04-07T12:55:00Z

value	0.1715
scoring_system	epss
scoring_elements	0.94995
published_at	2026-04-08T12:55:00Z

value	0.1715
scoring_system	epss
scoring_elements	0.94999
published_at	2026-04-09T12:55:00Z

value	0.1715
scoring_system	epss
scoring_elements	0.95004
published_at	2026-04-11T12:55:00Z

value	0.1715
scoring_system	epss
scoring_elements	0.95006
published_at	2026-04-12T12:55:00Z

value	0.1715
scoring_system	epss
scoring_elements	0.95008
published_at	2026-04-13T12:55:00Z

value	0.1715
scoring_system	epss
scoring_elements	0.95017
published_at	2026-04-16T12:55:00Z

value	0.1715
scoring_system	epss
scoring_elements	0.95021
published_at	2026-04-18T12:55:00Z

value	0.1715
scoring_system	epss
scoring_elements	0.95024
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-5962

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=397011
reference_id	397011
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=397011

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/5814.pl
reference_id	CVE-2007-5962
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/5814.pl

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/31818.sh
reference_id	CVE-2007-5962;OSVDB-45626
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/31818.sh

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/31819.pl
reference_id	CVE-2007-5962;OSVDB-45626
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/31819.pl

reference_url	https://www.securityfocus.com/bid/29322/info
reference_id	CVE-2007-5962;OSVDB-45626
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/29322/info

reference_url	https://access.redhat.com/errata/RHSA-2008:0295
reference_id	RHSA-2008:0295
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0295

Weaknesses

cwe_id	401
name	Missing Release of Memory after Effective Lifetime
description	The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

Exploits

date_added	2008-05-21
description	vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (2)
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`true`
source_date_published	2008-05-21
exploit_type	dos
platform	windows
source_date_updated	2016-12-07
data_source	Exploit-DB
source_url	https://www.securityfocus.com/bid/29322/info

Severity_range_score null

Exploitability 2.0

Weighted_severity 0.2

Risk_score 0.4

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nvkt-u1z5-s7gh

Vulnerability Instance