GlobalSCAPE Secure FTP Server < 3.1.4 Build 01.10.2006 Custom Command Remote DoS

medium Nessus Network Monitor Plugin ID 3506

Synopsis

The remote FTP server is prone to denial of service attacks.

Description

GlobalSCAPE Secure FTP Server is installed on the remote Windows host. The installed version of GlobalSCAPE Secure FTP Server on the remote host is affected by a denial of service vulnerability involving a lengthy parameter line to an unspecified custom command.

Solution

Upgrade to version 3.1.4 Build 01.10.2006 or higher.

See Also

http://www.globalscape.com/gsftps/history.asp

Plugin Details

Severity: Medium

ID: 3506

Family: FTP Servers

Published: 8/18/2004

Updated: 3/6/2019

Nessus ID: 21188

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:globalscape:secure_ftp_server

Reference Information

CVE: CVE-2006-1693

BID: 17398