BFTPD Multiple Commands Remote Denial Of Service Vulnerabilities
BID:23406
Info
BFTPD Multiple Commands Remote Denial Of Service Vulnerabilities
| Bugtraq ID: | 23406 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 10 2007 12:00AM |
| Updated: | Apr 11 2007 10:11PM |
| Credit: | The vendor disclosed these issues. |
| Vulnerable: |
BFTPD Bftpd 1.6.6 |
| Not Vulnerable: |
BFTPD Bftpd 1.8 |
Discussion
BFTPD Multiple Commands Remote Denial Of Service Vulnerabilities
BFTPD is prone to multiple remote denial-of-service vulnerabilities because the application fails to handle exceptional conditions.
An attacker can exploit these issues to crash the affected application, denying service to legitimate users.
Versions prior to 1.8 are vulnerable to these issues.
BFTPD is prone to multiple remote denial-of-service vulnerabilities because the application fails to handle exceptional conditions.
An attacker can exploit these issues to crash the affected application, denying service to legitimate users.
Versions prior to 1.8 are vulnerable to these issues.
Exploit / POC
BFTPD Multiple Commands Remote Denial Of Service Vulnerabilities
An attacker can use standard FTP clients or network utilities to exploit these issues.
An attacker can use standard FTP clients or network utilities to exploit these issues.
Solution / Fix
BFTPD Multiple Commands Remote Denial Of Service Vulnerabilities
Solution:
The vendor released a fix to address these issues. Please see the references for more information.
Solution:
The vendor released a fix to address these issues. Please see the references for more information.
References
BFTPD Multiple Commands Remote Denial Of Service Vulnerabilities
References:
References:
- Vendor Homepage (Bftpd)