GoodTech FTP Server Connection Saturation DoS

This script is Copyright (C) 2001-2011 Tenable Network Security, Inc.


Synopsis :

The remote ftp server is prone to denial of service attacks.

Description :

The remote host appears to be running GoodTech FTP Server for Windows.

It was possible to disable the remote FTP server by connecting to it
about 3000 separate times. If the remote server is running from
within [x]inetd, this is a feature and the FTP server should
automatically be back in a couple of minutes. An attacker may use
this flaw to prevent this service from working properly.

See also :

http://archives.neohapsis.com/archives/bugtraq/2001-01/0350.html

Solution :

Upgrade to a version of GoodTech FTP server later than 3.0.1.2.1.0.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.2
(CVSS2#E:U/RL:U/RC:C)

Family: FTP

Nessus Plugin ID: 10690 (goodtech_ftpd_dos.nasl)

Bugtraq ID: 2270

CVE ID: CVE-2001-0188