Được tạo bởi Blogger.
Home » » ProFTPd Denial of Service

ProFTPd Denial of Service

Written By Tuan.Dao.Duy on Thứ Bảy, 23 tháng 11, 2013 | 22:24

Date Disclosed:
9/11/2013

Date Patched:
No patch available.

Vendor:
ProFTPd
Affected Software:

ProFTPd 1.3.4d and prior
ProFTPd 1.3.5rc3 and prior
Description:
A vulnerability within ProFTPd can be triggered when handling specially crafted TCP packets, causing a denial of service condition. This occurs during authentication.
Severity:
Moderate
Code Execution:
No.
Impact:

Denial of Service
Exploitation of this vulnerability will render the service on the affected system unresponsive while the memory of the system is exhausted. Attackers can continue sending malicious payloads to continue the denial of service condition indefinitely.
Mitigation:
Deactivate the use of keyboard interactive authentication.
Protection:
BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.
  • 30703 - ProFTPD Denial of Service (Zero-Day)
Links:

Status:
2013-09-11: Original Disclosure
Share this article :

0 nhận xét:

Đăng nhận xét

 
Đăng Kí Học Trực Tuyến : Chương Trình Đào Tạo Security365 | Ethical Haking | SiSSP
Copyright © 2013. Công nghệ thông tin 365!! - All Rights Reserved
Web Master @ Nguyen Tran
Tech Support @ Bang Tran Ngoc