Summary
The remote WarFTPd server is running version 1.71.
A remote user can cause a denial of service on a host running Serv-U FTP Server, G6 FTP Server or WarFTPd Server. Repeatedly submitting an 'a:/' GET or RETR request, appended with arbitrary data, will cause the CPU usage to spike to 100%.
Reference: http://www.securityfocus.com/bid/2698
Solution
Upgrade to the latest version of WarFTPd.
Severity
Classification
- CVSS Base Score: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Related Vulnerabilities
- SolarFTP 'PASV' Command Remote Buffer Overflow Vulnerability
- Serv-U Denial of Service and Security Bypass Vulnerabilities
- SolarFTP PASV Command Remote Denial of Service Vulnerability
- RhinoSoft Serv-U FTP Server TEA Decoder Remote Stack Buffer Overflow Vulnerability
- GNU Bash Environment Variable Handling Shell Remote Command Execution Vulnerability (FTP Check)