WFTPD Out of Sequence RNTO Command Remote DoS

This script is Copyright (C) 2000-2011 Tenable Network Security, Inc.


Synopsis :

The remote server is vulnerable to a denial of service.

Description :

The remote FTP server crashes when the command 'RNTO x' is issued right
after the login.

An attacker may use this flaw to prevent you from publishing anything
using FTP.

Solution :

If you are using wftp, then upgrade to version 2.41 RC11, if you are
not, then contact your vendor for a fix.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 5.0
(CVSS2#E:H/RL:U/RC:ND)
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 10466 ()

Bugtraq ID: 1456

CVE ID: CVE-2000-0648