TYPSoft FTP Server remote DoS Vulnerability

Long commands (ie., over 2048 bytes) sent to TYPSoft FTP Server cab cause the server to hang, requiring a manual restart to restore the process.

After the release of this advisory Noam Rathaus from http://www.BeyondSecurity.com contributed the following addendum:

.. "this product is also vulnerable if you connect to the server, but not send anything (do the SYN/ACK sequence but disconnect immediately). This is due to the fact that they use a DELPHI TSocket class, which doesn't handle exceptions very well. "


 

Privacy Statement
Copyright 2010, SecurityFocus