Vulnerabilities > CVE-2004-2081 - Denial Of Service vulnerability in Karjasoft Sami FTP Server 1.1.3

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
karjasoft
nessus
exploit available

Summary

The samiftp.dll library in Sami FTP Server 1.1.3 allows local users to cause a denial of service (pmsystem.exe crash) by issuing (1) a CD command with a tilde (~) character or dot dot (/../) or (2) a GET command for an unavailable file.

Vulnerable Configurations

Part Description Count
Application
Karjasoft
1

Exploit-Db

descriptionSami FTP Server 1.1.3 Invalid Command Argument Local DoS. CVE-2004-2081. Dos exploit for windows platform
idEDB-ID:23692
last seen2016-02-02
modified2004-02-13
published2004-02-13
reporterintuit e.b.
sourcehttps://www.exploit-db.com/download/23692/
titleSami FTP Server 1.1.3 Invalid Command Argument Local DoS

Nessus

NASL familyFTP
NASL idSAMI_FTP.NASL
descriptionThe remote host is running SAMI FTP server. There is a bug in the way this server handles certain FTP command requests that may allow an attacker to crash the affected service.
last seen2020-06-01
modified2020-06-02
plugin id12061
published2004-02-17
reporterThis script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/12061
titleSami FTP Server Multiple DoS