GoodTech FTP Server Connection Saturation DoS

medium Nessus Plugin ID 10690

Synopsis

The remote ftp server is prone to denial of service attacks.

Description

The remote host appears to be running GoodTech FTP Server for Windows.

It was possible to disable the remote FTP server by connecting to it about 3000 separate times. If the remote server is running from within [x]inetd, this is a feature and the FTP server should automatically be back in a couple of minutes. An attacker may use this flaw to prevent this service from working properly.

Solution

Upgrade to a version of GoodTech FTP server later than 3.0.1.2.1.0.

See Also

https://seclists.org/bugtraq/2001/Jan/329

Plugin Details

Severity: Medium

ID: 10690

File Name: goodtech_ftpd_dos.nasl

Version: 1.30

Type: remote

Family: FTP

Published: 6/15/2001

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 1/22/2001

Reference Information

CVE: CVE-2001-0188

BID: 2270