Sunday, June 20, 2010

Wing FTP Server PORT Command DoS Vulnerability

Discovery Date: Nov 14, 2009
Risk: Important
Affected Software:

* Wing FTP Server 3.1.2

Description:

There is a Denial of Service (DoS) vulnerability that exists in Wing FTP Server 3.1.2. The said vulnerability can be exploited by using an invalid parameter for PORT command. When exploited successfully, the vulnerability could cause FTP server using the said software to crash.

Wing FTP Server 3.1.2 on a Windows environment is affected. Other versions may also be affected.

Patch Information:

More information on the patch can be found in the following page:

* Wing FTP Server History

Discovered by: Sumit Kumar Soni , Trend Micro
Email: ssummit @ gmail.com
Read more about this threat incident in the Malware Blog entry "Trend Micro Discovers Wing FTP Server PORT Command DoS Bug."

No comments:

Post a Comment