Crob FTP Server DIR command denial of service
|crob-dir-dos (15105)||Medium Risk|
Crob FTP Server is vulnerable to a denial of service. A remote attacker could issue the DIR command followed by multiple dots (..) to cause a denial of service.
Denial of Service
No remedy available as of September 1, 2014.
- BugTraq Mailing List, Sun Feb 01 2004 - 08:45:42 CST: Vulnerabilities in Crob FTP Server V3.5.1.
- BID-9549: Crob FTP Server Denial Of Service Vulnerability
- CVE-2003-1207: Crob FTP Server 3.5.1 allows remote authenticated users to cause a denial of service (crash) via a dir command with a large number of . characters followed by a /* string.
- OSVDB ID: 20203: Crob FTP Server Crafted Dot Request DoS
- SA10778: Crob FTP Server Directory Listing Vulnerability
- SECTRACK ID: 1008908: Crob FTP Server Discloses Directory Listings to Remote Users
- Crob Software Studio Crob FTP Server 3.5.1
Feb 01, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this