CVE-2004-1643

Name of the Vulnerable Software and Affected Versions WS FTP version 5.0.2

Description The issue allows remote authenticated users to cause a denial of service, specifically CPU consumption, by sending a CD command with an invalid path containing a "../" sequence.

Recommendations For WS FTP version 5.0.2, consider restricting access to the CD command or validating the paths provided in the CD command to prevent CPU consumption. As a temporary workaround, restrict the use of the CD command with "../" sequences until a patch is available.