RaidenFTPD Server CWD And MLST Command Denial Of Service Vulnerability Network Vulnerability

Summary

This host is running RaidenFTPD Server and is prone to Denial of Service Vulnerability.

Impact

Successful exploitation will let the user crash the application to cause denial of service.

Solution

Upgrade to the latest version. http://www.raidenftpd.com/en/

Insight

The flaw is due to a boundary error when handling overly long requested directory names. As a result buffer overflow can be caused using specially crafted CWD and MLST commands.

Affected

RaidenFTPD Server version 2.4.3620 and prior.

References

http://secunia.com/advisories/32216

Updated on 2017-03-28

Severity

Classification

CVE CVE-2008-6186

CVSS	Base Score: 9.0 AV:N/AC:L/Au:S/C:C/I:C/A:C

Related Vulnerabilities

Google Chrome Multiple Denial of Service Vulnerabilities - January12 (Windows)
7-Zip Unspecified Archive Handling Vulnerability (Win)
FlashGet FTP PWD Response Remote Buffer Overflow Vulnerability
Adobe Flash Player/Air Multiple Vulnerabilities - August10 (Linux)
Adobe Reader/Acrobat JavaScript Method Handling Vulnerability (Linux)

RaidenFTPD Server CWD and MLST Command Denial of Service Vulnerability

Take action and discover your vulnerabilities