Cerberus FTP Server Command Processing DoS
Medium Nessus Plugin ID 40821
Synopsis
The FTP server installed on the remote Windows host has a denial of service vulnerability.

Description
The version of Cerberus FTP server on the remote host has a denial of service vulnerability. Sending a very long argument (1400 bytes or more) to any command causes the server to crash. This reportedly does not result in memory corruption - the vulnerable versions abnormally terminate when a long argument is received (before any data is successfully copied into the destination buffer). A remote attacker could exploit this issue to cause a denial of service.

Solution
Upgrade to Cerberus FTP server 3.0.2 or later.
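
The failure described above is an over-long command argument ending the whole server process. As an added example (not code from Cerberus FTP Server or from the Nessus plugin), the C parser below checks lengths before copying and maps an over-long argument to an FTP error reply, so only that command is rejected. The limits `MAX_VERB` and `MAX_ARG` and all function and type names are assumptions of this example.

```c
#include <stddef.h>
#include <string.h>

/* Assumed limits for this example; not values taken from Cerberus. */
#define MAX_VERB 4
#define MAX_ARG  512   /* well under the 1400 bytes named in the advisory */

enum parse_status { PARSE_OK = 0, PARSE_BAD_VERB, PARSE_ARG_TOO_LONG };
struct ftp_cmd { char verb[MAX_VERB + 1]; char arg[MAX_ARG + 1]; };

/* Parse one command line of `len` bytes (CRLF optional, no NUL required).
 * Every length is validated before any copy, so an oversized argument
 * becomes a status the session can answer, not an abnormal termination. */
enum parse_status parse_ftp_line(const char *line, size_t len, struct ftp_cmd *out)
{
    size_t verb_len = 0, arg_len;
    const char *arg;

    while (len > 0 && (line[len - 1] == '\r' || line[len - 1] == '\n'))
        len--;                                /* strip trailing CR/LF */
    while (verb_len < len && line[verb_len] != ' ')
        verb_len++;                           /* verb ends at first space */
    if (verb_len == 0 || verb_len > MAX_VERB)
        return PARSE_BAD_VERB;

    arg = line + verb_len;
    arg_len = len - verb_len;
    if (arg_len > 0) { arg++; arg_len--; }    /* skip the separator space */
    if (arg_len > MAX_ARG)
        return PARSE_ARG_TOO_LONG;

    memcpy(out->verb, line, verb_len);
    out->verb[verb_len] = '\0';
    memcpy(out->arg, arg, arg_len);
    out->arg[arg_len] = '\0';
    return PARSE_OK;
}

/* Reply the session loop sends for each status; the connection stays open. */
const char *ftp_reply_for(enum parse_status st)
{
    switch (st) {
    case PARSE_OK:           return NULL;     /* caller dispatches the command */
    case PARSE_ARG_TOO_LONG: return "501 Syntax error in parameters or arguments.\r\n";
    default:                 return "500 Syntax error, command unrecognized.\r\n";
    }
}
```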