PT-2001-2117 · Glftpd · Glftpd
Published: 2001-08-31 · Updated: 2008-09-05 · CVE-2001-0965
CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions
glFTPD version 1.23
Description
The issue allows remote attackers to cause a denial of service, specifically CPU consumption, by sending a LIST command with an argument containing a large number of * (asterisk) characters.
Recommendations
For glFTPD version 1.23, consider restricting or limiting the use of the LIST command with arguments containing a large number of * characters until a patch is available. As a temporary workaround, implement input validation to prevent excessively long arguments in the LIST command.
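One way to apply the input-validation workaround, shown as an added example rather than code from glFTPD or from this advisory: a pre-filter for FTP control-channel lines that rejects LIST arguments that are too long or contain too many `*` characters. The function names, the two limits, and the idea of running it in a proxy in front of the daemon are assumptions.

```python
# Added example: pre-filter for FTP control-channel lines, e.g. in a proxy
# placed in front of the daemon. Both limits are assumed values; the advisory
# gives no numbers.
MAX_LIST_ARG_LEN = 256   # assumed cap on LIST argument length
MAX_WILDCARDS = 4        # assumed cap on '*' characters per argument


def check_ftp_command(line, max_arg_len=MAX_LIST_ARG_LEN, max_wildcards=MAX_WILDCARDS):
    """Return (allowed, reason) for one control-channel line."""
    if isinstance(line, bytes):
        line = line.decode("latin-1")  # byte-preserving decode; never raises
    parts = line.strip().split(None, 1)
    if not parts or parts[0].upper() != "LIST":  # FTP verbs are case-insensitive
        return True, "not a LIST command"
    arg = parts[1] if len(parts) > 1 else ""
    if len(arg) > max_arg_len:
        return False, f"LIST argument too long ({len(arg)} > {max_arg_len})"
    stars = arg.count("*")
    if stars > max_wildcards:
        return False, f"too many '*' in LIST argument ({stars} > {max_wildcards})"
    return True, "ok"


def filter_session(lines, **limits):
    """Split a session into forwarded lines and (line_no, reason) rejections."""
    forwarded, rejected = [], []
    for no, line in enumerate(lines, start=1):
        allowed, reason = check_ftp_command(line, **limits)
        if allowed:
            forwarded.append(line)
        else:
            rejected.append((no, reason))  # log and answer with an error reply
    return forwarded, rejected


# Constructed sample session (not captured traffic).
SAMPLE = [
    b"USER demo\r\n",
    b"LIST\r\n",
    b"list -la *.zip\r\n",
    b"LIST " + b"*" * 40 + b"\r\n",
    b"LIST " + b"a" * 300 + b"\r\n",
]

if __name__ == "__main__":
    ok, bad = filter_session(SAMPLE)
    print(len(ok), "forwarded; rejected:", bad)
```

Rejected lines are worth logging with the client address, since repeated hits from one source indicate someone probing for this issue.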
Affected Products
Glftpd