Multiple Vendor FTPD on Windows Floppy Request CPU Consumption DoS

Medium Nessus Plugin ID 10822


The remote FTP server may be vulnerable to a denial of service.


It is possible for a remote user to cause a denial of service on a host running Serv-U FTP Server, G6 FTP Server or WarFTPd Server. Repeatedly submitting an 'a:/' GET or RETR request, appended with arbitrary data, will cause the CPU usage to spike to 100%.

Nessus identified the remote server as running version 1.71 of WarFTPd.


Upgrade to the latest version of WarFTPd or contact your FTP vendor for details.

Plugin Details

Severity: Medium

ID: 10822

File Name: multiple_ftpd_dos.nasl

Version: $Revision: 1.17 $

Type: remote

Family: FTP

Published: 2001/12/06

Modified: 2011/03/11

Dependencies: 10092

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

Vulnerability Information

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2001/02/17

Reference Information

BID: 2698

OSVDB: 687