Published: 23/10/2005 Updated: 26/01/2011

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 515

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Typsoft FTP Server 1.11, with "Sub Directory Include" enabled, allows remote malicious users to cause a denial of service (crash) by sending multiple RETR commands. NOTE: it was later reported that 1.10 is also affected.

Vulnerable Product	Search on Vulmon	Subscribe to Product
typsoft typsoft ftp server

TYPSoft FTP Server version 110 RETR CMD denial of service exploit ...

#!/usr/bin/python # # TYPSoft FTP Server (v 110) RETR CMD Denial Of Service # # CVE-2005-3294 # OSVDB 19992 # # 12/23/2010 # (C) Emanuele Gentili <emgent@backtrack-linuxorg> # # Notes: # I have wrote this exploit because the code published here (1) do not work correctly # (1) wwwexploit-dbcom/exploits/12604/ # import socket impor ...

# Tested on: Windows XP, SP2 (EN) #!/usr/bin/python print "\n#################################################################" print "## RedTeam Security ##" print "## TYPSoft FTP Server RETR Command DoS ##" print "## Version 110 ##" ...

#!/usr/bin/perl use IO::Socket; use Socket; print "\n-= TYPSoft FTP Server <= v111 DOS =-\n"; print "-= wood (at) Exploitlabscom =-\n\n"; if($#ARGV < 2 | $#ARGV > 3) { die "usage: perl typsoft-111-DOSpl <host> <user> <pass> [port]\n" }; if($#ARGV > 2) { $prt = $ARGV[3] } else { $prt = "21" }; $adr = $ARGV[0]; $ ...

CWE-399 http://www.exploitlabs.com/files/advisories/EXPL-A-2005-016-typsoft-ftpd.txt http://secunia.com/advisories/17196 http://www.securityfocus.com/bid/15104 http://www.exploit-db.com/exploits/15860 http://www.osvdb.org/19992 https://nvd.nist.gov https://packetstormsecurity.com/files/97139/TYPSoft-FTP-Server-1.10-Denial-Of-Service.html https://www.exploit-db.com/exploits/15860/

CVE-2005-3294

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect