Ubuntu Security Update for Vsftpd

Vsftpd, a popular FTP server, has been the object for a security update that affects Ubuntu 11.10, Ubuntu 11.04, Ubuntu 10.10, and Ubuntu 10.04 LTS.

It was discovered that high rates of cleanup and creation of network namespaces were not properly handle by the 2.6.35 and earlier Linux kernels, which helps remote attackers to cause a DoS attack (memory consumption) in Vsftpd and other applications that require a separate namespace per connection.

The problem can be easily resolved by updating your Ubuntu distribution with the new version of Vsftpd, using the Update Manager utility.

Vsftpd 2.3.2-3ubuntu5.1 for Ubuntu 11.10, Vsftpd 2.3.2-3ubuntu4.1 for Ubuntu 11.04, Vsftpd 2.3.0~pre2-4ubuntu2.3 for Ubuntu 10.10, and Vsftpd 2.2.2-3ubuntu6.3 for Ubuntu 10.04 LTS.

More detailes can be found on yesterday's Ubuntu Security Notice USN-1288-1 announcement for Vsftpd.