CVE-2006-6558 - Remote Heap Buffer Overflow vulnerability in Crob FTP Server 3.6.1B.263

CVSS 5.0 - MEDIUM
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: PARTIAL
Tags: network, low complexity, crob, nessus, exploit available

Summary

Crob FTP Server 3.6.1 b.263 allows remote attackers to cause a denial of service via a long series of "?A" sequences in the (1) LIST and possibly (2) NLST command.

Vulnerable Configurations

Part: Application
Description: Crob
Count: 1

Exploit-Db

description: Crob FTP Server 3.6.1 build 263 (LIST/NLST) Denial of Service Exploit. CVE-2006-6558. Dos exploit for windows platform
file: exploits/windows/dos/2926.py
id: EDB-ID:2926
last seen: 2016-01-31
modified: 2006-12-13
platform: windows
port:
published: 2006-12-13
reporter: shinnai
source: https://www.exploit-db.com/download/2926/
title: Crob FTP Server 3.6.1 build 263 LIST/NLST Denial of Service Exploit
type: dos

Nessus

NASL family: FTP
NASL id: CROBFTP_OVERFLOWS.NASL
description: The version of Crob FTP Server on the remote host suffers from multiple remote buffer overflows. Once authenticated, an attacker can exploit these vulnerabilities to crash the affected daemon and even execute arbitrary code remotely within the context of the affected service.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 19236
published: 2005-07-20
reporter: This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/19236
title: Crob FTP Server < 3.6.1 build 263 Multiple Vulnerabilities