[vulnwatch] WFTPD Pro Server 3.21 MLST Command Denial of Service Vulnerability
www.cnhonker.com
Security Advisory
Advisory Name: WFTPD Pro Server 3.21 MLST Command Denial of Service Vulnerability
Release Date: 08/30/2004
Affected version: WFTPD Pro Server 3.21 Release 3
Author: lion <lion (at) cnhonker (dot) net [email concealed]>
Overview:
A vulnerability has been found in WFTPD Pro Server. The problem is When a user logged in, send a "mlst" command to target will crash the Server.
www.cnhonker.com
Security Advisory
Advisory Name: WFTPD Pro Server 3.21 MLST Command Denial of Service Vulnerability
Release Date: 08/30/2004
Affected version: WFTPD Pro Server 3.21 Release 3
Author: lion <lion (at) cnhonker (dot) net [email concealed]>
Overview:
A vulnerability has been found in WFTPD Pro Server. The problem is When a user logged in, send a "mlst" command to target will crash the Server.
Exploit:
PoC exploit attached.
About HUC:
HUC is still alive.
[ reply ]