Craig Freyman

**Name of the Vulnerable Software and Affected Versions** Blackmoon FTP versions prior to 3.1.8.1737 **Description** The issue allows remote attackers to cause a denial of service, resulting in a crash, by sending a large number of PORT commands with long arguments. This triggers a NULL pointer dereference. **Recommendations** For versions prior to 3.1.8.1737, update to version 3.1.8.1737 or later to resolve the issue. As a temporary workaround, consider restricting the number of PORT commands with long arguments to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Golden FTP Server versions 1.92 through 4.70 **Description** A heap-based buffer overflow issue allows remote attackers to cause a denial of service, potentially leading to application crashes, and possibly execute arbitrary code via a long PASS command. **Recommendations** For Golden FTP Server versions 1.92 through 4.70, consider updating to a version that is not affected by this issue, as a temporary workaround, restrict access to the PASS command to minimize the risk of exploitation.