PT-2007-4753 · Conti · Conti Ftpserver

35C666

Published

2007-06-29

Updated

2018-10-16

CVE-2007-3492

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Conti FtpServer version 1.0

Description The issue allows remote authenticated users to cause a denial of service, resulting in a daemon crash. This can be achieved by sending a certain string containing "//A:" in the argument to the "LIST" command.

Recommendations For Conti FtpServer version 1.0, consider restricting access to the LIST command until a patch is available. As a temporary workaround, avoid using the string "//A:" in the argument to the LIST command to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-3492

Affected Products

Conti Ftpserver

PT-2007-4753 · Conti · Conti Ftpserver

CVE-2007-3492

Related Identifiers

Affected Products

References · 7