Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Denial of Service >> SlimFTPd Denial of Service Vulnerability


Vulnerability Assessment Details

SlimFTPd Denial of Service Vulnerability

Vulnerability Assessment Summary
Checks for multiple buffer overflow vulnerabilities in SlimFTPd < 3.17

Detailed Explanation for this Vulnerability Assessment

Summary :

The remote FTP server is prone to a denial of service attack.

Description :

The remote host appears to be using SlimFTPd, a free, small,
standards-compliant FTP server for Windows.

The installed version of SlimFTPd on the remote host suffers from a
denial of service vulnerability. By sending 'user' and 'pass'
commands that are each 40 bytes long, a possible hacker will crash the
service after about a short period of time.

See also :

http://www.critical.lt/?vuln/8

Solution :

Unknown at this time.

Network Security Threat Level:

Low / CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:N/A:P/I:N/B:N)

Networks Security ID: 14723

Vulnerability Assessment Copyright: This script is Copyright (C) 2005-2006 Tenable Network Security

Cables, Connectors

IBM HX5 BLADECENTER SERVER TWO E7530 1.86GHZ 16GB NO HDD
$959.0
IBM HX5 BLADECENTER SERVER TWO E7530 1.86GHZ 16GB NO HDD pictureIBM HX5 BLADECENTER SERVER E7-4807 1.86GHZ 12GB NO HDD
$969.0
IBM HX5 BLADECENTER SERVER E7-4807 1.86GHZ 12GB NO HDD pictureIBM HX5 BLADECENTER SERVER E7-4860 2.26GHZ 24GB NO HDD
$939.0
IBM HX5 BLADECENTER SERVER E7-4860 2.26GHZ 24GB NO HDD pictureLENOVO THINKSERVER RD240 X5675 3.06GHZ 24GB 4 X 146GB 15K SAS
$699.0
LENOVO THINKSERVER RD240 X5675 3.06GHZ 24GB 4 X 146GB 15K SAS picture


Discussions

No Discussions have been posted on this vulnerability.