Vulnerabilities > CVE-2001-0965 - Denial of Service vulnerability in glFTPD LIST

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

glftpd

exploit available

NVD

Published: 2001-08-31

Updated: 2008-09-05

Summary

glFTPD 1.23 allows remote attackers to cause a denial of service (CPU consumption) via a LIST command with an argument that contains a large number of * (asterisk) characters.

Vulnerable Configurations

Part	Description	Count
Application	Glftpd Glftpd Glftpd 1.13.6 Glftpd Glftpd 1.16.9 Glftpd Glftpd 1.17.2 Glftpd Glftpd 1.18A Glftpd Glftpd 1.19 Glftpd Glftpd 1.20 Glftpd Glftpd 1.21 Glftpd Glftpd 1.22B Glftpd Glftpd 1.23	9

Exploit-Db

description	glFTPD 1.x LIST Denial of Service Vulnerability. CVE-2001-0965. Dos exploit for unix platform
id	EDB-ID:21074
last seen	2016-02-02
modified	2001-08-17
published	2001-08-17
reporter	ASGUARD LABS
source	https://www.exploit-db.com/download/21074/
title	glFTPD 1.x LIST Denial of Service Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References