Summary
The host is running SamiFTP Server and is prone to buffer overflow vulnerability.
Impact
Successful exploitation will allow the remote attackers to cause a denial of service.
Impact Level: Application
Solution
No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore.
General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.
Insight
The flaw is due to an unspecified error while parsing 'MKD' command.
Affected
Sami FTP Server version 2.0.1, other versions may also be affected
Detection
Send a crafted FTP request via 'MKD' command and check server is dead or not.
References
Updated on 2017-03-28
Severity
Classification
-
CVSS Base Score: 8.5
AV:N/AC:M/Au:S/C:C/I:C/A:C
Related Vulnerabilities
- ProFTPD Prior To 1.3.3g Use-After-Free Remote Code Execution Vulnerability
- FFFTP LIST Command Directory Traversal Vulnerability
- Quick 'n Easy FTP Login Denial of Service Vulnerability
- FTPGetter FTP Client Directory Traversal Vulnerability
- ActFax FTP Server Post Auth 'RETR' Command Denial of Service Vulnerability