|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[SA11160] WFTPD Pro Server Administrative GUI Denial of Service
From: Secunia Security Advisories (sec-adv
secunia.com)
Date: Thu Mar 18 2004 - 07:14:55 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
TITLE:
WFTPD Pro Server Administrative GUI Denial of Service
SECUNIA ADVISORY ID:
SA11160
VERIFY ADVISORY:
http://secunia.com/advisories/11160/
CRITICAL:
Less critical
IMPACT:
DoS
WHERE:
From remote
SOFTWARE:
WFTPD Pro Server 3.x
DESCRIPTION:
STORM has discovered a vulnerability in WFTPD Pro Server, which can
be exploited by malicious users to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in the handling of
various FTP command arguments. This can be exploited to crash the
administrative GUI by supplying an overly long argument (about 300
bytes) to certain FTP commands.
The vulnerability has been reported in version 3.21 Release 1 and 2.
SOLUTION:
Update to version 3.21 Release 3.
http://www.wftpd.com/downloads.htm
PROVIDED AND/OR DISCOVERED BY:
STORM
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]