XM Easy Personal FTP Server File/Folder Denial Of Service Vulnerability Network Vulnerability

Summary

This host is running XM Easy Personal FTP Server and is prone to Denial of Service Vulnerability.

Impact

Successful exploitation will let the authenticated user create recursive directories and crash the FTP Server.

Solution

No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.

Insight

This flaw is due to improper validation check while creating recursive directories by an authenticated user inside the root folder of the FTP server.

Affected

Dxmsoft XM Easy Personal FTP Server version 5.8.0 and prior.

References

http://secunia.com/advisories/37473
http://www.securityfocus.com/archive/1/archive/1/508049/100/0/threaded
http://xforce.iss.net/xforce/xfdb/54400

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4108
CVSS Base Score: 4.0
AV:N/AC:L/Au:S/C:N/I:N/A:P

Related Vulnerabilities

Asterisk RTP Text Frames Denial Of Service Vulnerability
Firefox Browser Libxul Memory Leak Remote DoS Vulnerability - Win
DB2 DOS
F-Secure Policy Manager Server fsmsh.dll module DoS
Apple Safari Malformed URI Remote DoS Vulnerability (Win)

XM Easy Personal FTP Server File/Folder Denial of Service Vulnerability

Take action and discover your vulnerabilities