SunFTP Server Partial Input Denial of Service Vulnerability

SunFTP is a small freeware ftp server offered by XS4ALL Data. Like most servers, it uses incoming data from the network interface as input based on newline characters. It is vulnerable to a denial of service if a client connects, enters data, then disconnects without sending a newline character. This is the result of a failure to handle this condition and the consequence is the service crashing immediately.


Privacy Statement
Copyright 2010, SecurityFocus