WFTP Out of Sequence RNTO Command Remote DoS

This script is Copyright (C) 2000-2015 Tenable Network Security, Inc.


Synopsis :

The remote FTP server is affected by a denial of service
vulnerability.

Description :

The remote Windows NT FTP (WFTP) server is affected by a denial of
service vulnerability. An authenticated, remote attacker can crash the
FTP server by issuing an out of sequence RENAME TO (RNTO) command.

An attacker may use this flaw to prevent you from publishing content
using FTP.

Solution :

Upgrade to WFTPD version 2.41 RC11.

Risk factor :

Medium / CVSS Base Score : 4.0
(CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P)
CVSS Temporal Score : 4.0
(CVSS2#E:H/RL:U/RC:ND)
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 10466 ()

Bugtraq ID: 1456

CVE ID: CVE-2000-0648

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial