PT-2004-1764 · Fastream · Fastream Netfile Server

Published

2004-07-13

Updated

2017-07-11

CVE-2004-0677

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Fastream NETFile FTP Server versions 6.7.2.1085 and earlier

Description The issue allows remote attackers to cause a denial of service, resulting in a temporary hang, by utilizing the cd command with an unusual argument. This could be due to multiple leading slashes and/or an attempt to access the floppy drive, referred to as "A".

Recommendations For Fastream NETFile FTP Server versions 6.7.2.1085 and earlier, consider restricting access to the cd command or limiting the ability to access unusual arguments, such as multiple leading slashes or the floppy drive "A", until a fix is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-0677

Affected Products

Fastream Netfile Server

PT-2004-1764 · Fastream · Fastream Netfile Server

CVE-2004-0677

Related Identifiers

Affected Products

References · 3