Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

WarFTPd Multiple Command CPU Consumption DoS

Medium

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The remote WarFTPd server is running a 1.71 version. It is possible for a remote user to cause a denial of service on a host running Serv-U FTP Server, G6 FTP Server or WarFTPd Server. Repeatedly submitting an 'a:/' GET or RETR request, appended with arbitrary data, will cause the CPU usage to spike to 100%.

Solution

Upgrade to the latest version of WarFTPd.