Published: 20/01/2011 Updated: 17/08/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

FTPService.exe in Blackmoon FTP 3.1 Build 1735 and Build 1736 (3.1.7.1736), and possibly other versions prior to 3.1.8.1737, allows remote malicious users to cause a denial of service (crash) via a large number of PORT commands with long arguments, which triggers a NULL pointer dereference. NOTE: some of these details are obtained from third party information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
blackmoonftpserver blackmoon ftp server 3.1
blackmoonftpserver blackmoon ftp server 3.1.7.1736
blackmoonftpserver blackmoon ftp server 3.1.7.1735

#!/usr/bin/python # Exploit Title: BlackmoonFTP Server DOS # Date: 12/28/2010 # Author: Craig Freyman (cd1zz) # Software Link: wwwmediafirecom/?bnc4d00myymmx55 # Version: 31 Release 6 - Build 1735 and 1736 # Tested On: Windows XP SP3 # Vendor Contacted: 12/28/2010 # Vendor Fixed: 1/13/2011 import socket import sys buffer = '\x41' * 600 ...

NVD-CWE-Other http://secunia.com/advisories/42933 http://www.securityfocus.com/bid/45814 http://osvdb.org/70452 http://www.exploit-db.com/exploits/15986 https://exchange.xforce.ibmcloud.com/vulnerabilities/64696 https://nvd.nist.gov https://www.exploit-db.com/exploits/15986/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2011-0507

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect