FTP Windows 98 MS/DOS Device Names DOS Network Vulnerability

Summary

It was possible to freeze or reboot Windows by reading a MS/DOS device through FTP, using a file name like CON\CON, AUX.htm or AUX. A cracker may use this flaw to make your system crash continuously, preventing you from working properly.

Solution

upgrade your system or use a FTP server that filters those names out. Reference : http://support.microsoft.com/default.aspx?scid=KB en-us Q256015 Reference : http://online.securityfocus.com/archive/1/195054

Severity

Classification

CVE CVE-2000-0168
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Baidu Spark Browser Denial of Service Vulnerability -01 August14 (Windows)
Denial Of Service Vulnerability in OpenSSL June-09 (Linux)
FreeType Memory Corruption and Buffer Overflow Vulnerabilities (Windows)
Apache Tomcat Content-Type Header Denial Of Service Vulnerability
Active Perl Denial of Service Vulnerability Feb 2014 (Windows)

FTP Windows 98 MS/DOS device names DOS

Take action and discover your vulnerabilities