WFTPD Unauthenticated MLST Command DoS
Medium Nessus Plugin ID 10487
SynopsisThe remote FTP server is affected by a denial of service vulnerability.
DescriptionThe FTP server running on the remote host is affected by a denial of service vulnerability when executing an MLST command. An unauthenticated, remote can exploit this to crash the server by using the 'MLST a' command just after making a connection.
SolutionIf you are using the Texas Imperial Software WFTPD server, then upgrade to version 2.41 RC12 or later. Otherwise, contact the vendor for a fix.