vendor:
Nofeel FTP Server
by:
His0k4
9.3
CVSS
HIGH
Remote Memory Consumption Exploit
400
CWE
Product Name: Nofeel FTP Server
Affected Version From: 3.6
Affected Version To: 3.6
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009
Nofeel FTP Server (CWD) Remote Memory Consumption Exploit
Nofeel FTP Server V3.6 is vulnerable to a remote memory consumption exploit. An attacker can send a malicious CWD command to the server, which will cause the server to consume large amounts of memory, leading to a denial of service. The exploit is triggered by sending a malicious CWD command to the server, which will cause the server to consume large amounts of memory, leading to a denial of service.
Mitigation:
The vendor has released a patch to address this vulnerability. Users should upgrade to the latest version of Nofeel FTP Server.
