FTPshell Server 3.38 Malformed PORT/QUIT DoS

Medium Nessus Plugin ID 19303


The remote FTP service is affected by a denial of service vulnerability.


The remote host is using FTPshell, an FTP service for Windows.

The version of FTPshell installed on the remote host suffers from a denial of service vulnerability that can be exploited by logging into the service, sending a PORT command, and closing the connection without QUITing, all 39 times.


Unknown at this time.

See Also



Plugin Details

Severity: Medium

ID: 19303

File Name: ftpshell_39dos.nasl

Version: $Revision: 1.16 $

Type: remote

Family: FTP

Published: 2005/07/27

Modified: 2016/10/10

Dependencies: 10084, 10092

Risk Information

Risk Factor: Medium


Base Score: 4

Temporal Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

Vulnerability Information

Required KB Items: ftp/login, ftp/password

Excluded KB Items: ftp/msftpd, ftp/ncftpd, ftp/fw1ftpd, ftp/vxftpd

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2005/07/25

Reference Information

CVE: CVE-2005-2426

BID: 14382

OSVDB: 18285