PT-2016-5116 · Globespanvirata · Globespanvirata Ftpd

Déborah Valeria Higa

Published

2016-02-15

Updated

2016-03-22

CVE-2016-2314

CVSS v2.0

6.3

Medium

Vector

AV:N/AC:M/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions GlobespanVirata ftpd version 1.0

Description The issue allows remote authenticated users to cause a denial of service, resulting in a device outage. This can be achieved by using the FTP MKD command to create a directory with a long name, and then using certain other commands.

Recommendations For GlobespanVirata ftpd version 1.0, consider restricting access to the MKD command as a temporary workaround to minimize the risk of exploitation. Additionally, restrict the length of directory names that can be created via the FTP MKD command to prevent the creation of directories with long names.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-17

Related Identifiers

CVE-2016-2314

Affected Products

Globespanvirata Ftpd

PT-2016-5116 · Globespanvirata · Globespanvirata Ftpd

CVE-2016-2314

Weakness Enumeration

Related Identifiers

Affected Products

References · 3