ID
VAR-200612-0786
TITLE
Dream FTP Server PORT Command Denial of Service Vulnerability
Trust: 0.6
DESCRIPTION
Dream FTP Server is a multi-threaded ftp server. Dream FTP Server has a vulnerability in handling user requests, and a remote attacker could exploit this vulnerability to perform a denial of service attack on the server. A remote attacker can cause a denial of service by sending a PORT command with an invalid parameter to the Dream FTP Server. Exploiting this issue allows remote attackers to crash the application, denying further service to legitimate users. It is not known at this time if this issue can be exploited to execute arbitrary code; this BID will be updated as further information becomes available. This issue affects version 1.0.2; other versions may also be vulnerable
Trust: 0.81
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | no | model: | - | scope: | - | version: | - | Trust: 0.6 |
| vendor: | bolintech | model: | dream ftp server | scope: | eq | version: | 1.0.2 | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||
|
|
THREAT TYPE
network
Trust: 0.3
TYPE
Failure to Handle Exceptional Conditions
Trust: 0.3
EXTERNAL IDS
| db: | BID | id: | 21700 | Trust: 0.9 |
| db: | CNVD | id: | CNVD-2006-9310 | Trust: 0.6 |
REFERENCES
| url: | http://www.bolintech.com/index.htm | Trust: 0.3 |
CREDITS
InTeL is credited with the discovery of this vulnerability.
Trust: 0.3
SOURCES
| db: | CNVD | id: | CNVD-2006-9310 |
| db: | BID | id: | 21700 |
LAST UPDATE DATE
2022-05-17T02:01:36.065000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2006-9310 | date: | 2014-01-24T00:00:00 |
| db: | BID | id: | 21700 | date: | 2006-12-21T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2006-9310 | date: | 2006-12-21T00:00:00 |
| db: | BID | id: | 21700 | date: | 2006-12-21T00:00:00 |