PT-2002-1292 · Etype · Etype Eserv

Published

2002-05-03

Updated

2008-09-11

CVE-2002-0221

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Etype Eserv version 2.97

Description The issue allows remote attackers to cause a denial of service, specifically resource exhaustion, by sending a large number of PASV commands. These commands consume ports 1024 through 5000, which in turn prevents the server from accepting valid PASV commands.

Recommendations For Etype Eserv version 2.97, consider restricting the number of PASV commands that can be sent to the server to prevent resource exhaustion, or implement rate limiting on the affected ports to minimize the risk of denial of service.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0221

Affected Products

Etype Eserv

PT-2002-1292 · Etype · Etype Eserv

CVE-2002-0221

Related Identifiers

Affected Products

References · 5