[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Wing FTP Server PORT Command DoS Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Wing FTP Server PORT Command DoS Vulnerability
From: sk <sk10_0@xxxxxxxxx>
Date: Mon, 21 Jun 2010 12:16:58 +0530 (IST)




Discovery Date: Nov 14, 2009  
Risk: Important  
Affected Software:  
        * Wing FTP Server 3.1.2 
Description:


There is a Denial of Service 
(DoS) vulnerability that exists in Wing FTP Server 3.1.2. The 
said vulnerability can be exploited by using an invalid parameter for 
PORT command. When exploited successfully, the vulnerability could cause FTP 
server using the said software to crash.
Wing FTP Server 3.1.2 on a  Windows environment is affected. 
Other versions may also be affected. 

Patch Information:


More 
information on the patch can be found in the following page:
        * Wing FTP 
Server History
Discovered by:
Sumit Kumar Soni , Trend Micro
Read more about this threat incident in the Malware Blog entry "Trend Micro 
Discovers Wing FTP Server PORT Command DoS Bug."   
hxxp://threatinfo.trendmicro.com/vinfo/SecAdvisories/default6.asp?VNAME=Wing+FTP+Server+PORT+Command+DoS+Vulnerability&Page=2

hxxp://voidroot.blogspot.com/2010/06/wing-ftp-server-port-command-dos.html

Prev by Date: [MajorSecurity SA-075]CMS RedAks 2.0 - SQL injection vulnerability
Next by Date: Remote Arbitrary Code Execution Vulnerability in UFO: Alien Invasion
Previous by thread: [MajorSecurity SA-075]CMS RedAks 2.0 - SQL injection vulnerability
Next by thread: Remote Arbitrary Code Execution Vulnerability in UFO: Alien Invasion
Index(es):
- Date
- Thread