Blackmoon FTP PORT Command Denial Of Service Vulnerability Network Vulnerability

Summary

The host is running Blackmoon FTP Server and is prone to denial of service vulnerability.

Impact

Successful exploitation will allow the remote attackers to cause a denial of service. Impact Level: Application

Solution

Upgrade to Blackmoon FTP Version 3.1.7 Build 17356 or higher. For updates refer to http://www.blackmoonftpserver.com/downloads.aspx

Insight

The flaw is due to an error while parsing PORT command, which can be exploited to crash the FTP service by sending multiple PORT commands with 'big' paramter.

Affected

Blackmoon FTP 3.1.6 - Build 1735

References

http://secunia.com/advisories/42933/
http://www.exploit-db.com/exploits/15986/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-0507

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

wu-ftpd rnfr file overwrite
XM Easy Personal FTP Server 'TYPE' Command Remote Denial of Service Vulnerability
Home FTP Server Multiple Directory Traversal Vulnerabilities
Telnet-Ftp Server Directory Traversal Vulnerability
TurboFTP 'DELE' FTP Command Remote Buffer Overflow Vulnerability

Take action and discover your vulnerabilities