TYPSoft FTP Server 'APPE' And 'DELE' Commands DOS Vulnerability Network Vulnerability

Summary

This host is running TYPSoft FTP Server and is prone to Denial of Service Vulnerability.

Impact

Successful exploitation will let the user crash the application to cause denial of service.

Solution

Upgrade to version 1.11 or later, For updates refer to http://www.softpedia.com/get/Internet/Servers/FTP-Servers/TYPSoft-FTP-Server.shtml

Insight

The flaw is due to an error when handling the 'APPE' and 'DELE' commands. These can be exploited through sending multiple login request in same socket.

Affected

TYPSoft FTP Server version 1.10 and prior.

References

http://securitytracker.com/alerts/2009/Nov/1023234.html
http://xforce.iss.net/xforce/xfdb/54407

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4105
CVSS Base Score: 3.5
AV:N/AC:M/Au:S/C:N/I:N/A:P

Related Vulnerabilities

TheGreenBow IPSec VPN Client Denial Of Service Vulnerability
ngIRCd SSL/TLS Support MOTD Request Multiple Denial Of Service Vulnerabilities
Firefox Browser designMode Null Pointer Dereference DoS Vulnerability - Linux
Samba 'client/mount.cifs.c' Remote Denial of Service Vulnerability
Wireshark SMB PIPE Dissector Denial of Service Vulnerability (Windows)

TYPSoft FTP Server 'APPE' and 'DELE' Commands DOS Vulnerability

Take action and discover your vulnerabilities