Summary
This host is running WinFTP Server and is prone to Denial of Service Vulnerability.
Impact
Successful exploitation will let the user crash the application to cause denial of service.
Solution
Solution/Patch not available as on 19th December 2008. For updates refer, http://www.wftpserver.com/wftpserver.htm
Insight
The flaw is due to an error when handling the PASV and NLST commands. These can be exploited through sending multiple login request ending with PASV command.
Affected
Win FTP Server version 2.3.0 or prior.
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2008-5666 -
CVSS Base Score: 3.5
AV:N/AC:M/Au:S/C:N/I:N/A:P
Related Vulnerabilities
- Oracle VM VirtualBox Local Denial of Service Vulnerability-01 Oct2013 (Linux)
- WinFTP Server PASV Command Denial of Service Vulnerability
- Wireshark IEEE 802.11 Dissector Denial of Service Vulnerability (Windows)
- PHP 'mbstring.func_overload' DoS Vulnerability
- Oracle VM VirtualBox Local Denial of Service Vulnerability-01 Oct2013 (Mac OS X)