| VID |
16086 |
| Severity |
30 |
| Port |
21 |
| Protocol |
TCP |
| Class |
FTP |
| Detailed Description |
The TYPSoft FTP server, according to its version number, has a Empty Username Command DoS Vulnerability.
TYPSoft FTP Server is a free FTP server for Microsoft Windows. TYPSoft FTP Server 1.10 is vulnerable to a Denial of Service attack. By connecting and attempting to login with an empty USER value, a remote attacker could cause the FTP server to crash.
* Note: This check solely relied on the version number of the remote TYPSoft FTP server to assess this vulnerability, so this might be a false positive.
* References:
http://www.securitytracker.com/alerts/2004/Feb/1008943.html
http://www.osvdb.org/displayvuln.php?osvdb_id=6613
* Platforms Affected:
TYPSoft FTP Server 1.10
Microsoft Windows Any version |
| Recommendation |
No upgrade or patch available as of November 2004.
Upgrade to the new version of TYPSoft FTP Server, when new version fixed this problem becomes available from the TYPSoft FTP Server Web site at http://en.typsoft.com/ |
| Related URL |
CVE-2004-0252 (CVE) |
| Related URL |
9573,9702 (SecurityFocus) |
| Related URL |
15048 (ISS) |
|
