smallftpd 1.0.3 Multiple DoS

This script is Copyright (C) 2004-2013 Audun Larsen


Synopsis :

The remote FTP server is affected by multiple vulnerabilities.

Description :

The remote host seems to be running a version of Smallftpd that is
1.0.3 or earlier. Such versions are reportedly affected by denial of
service and directory traversal vulnerabilities.

Solution :

Either disable the service or switch to a different FTP server as
Smallftpd has not been updated since 2004.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.8
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 12072 ()

Bugtraq ID: 9684
40180
48453
58856

CVE ID: CVE-2004-0299