CVE-2011-0507

Description

FTPService.exe in Blackmoon FTP 3.1 Build 1735 and Build 1736 (3.1.7.1736), and possibly other versions before 3.1.8.1737, allows remote attackers to cause a denial of service (crash) via a large number of PORT commands with long arguments, which triggers a NULL pointer dereference. NOTE: some of these details are obtained from third party information.

Affected products

• blackmoonftpserver / blackmoon_ftp_server3.1 – 3.1
• blackmoonftpserver / blackmoon_ftp_server3.1.7.1735 – 3.1.7.1735
• blackmoonftpserver / blackmoon_ftp_server3.1.7.1736 – 3.1.7.1736

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/64696
• MISChttp://www.securityfocus.com/bid/45814
• MISChttp://osvdb.org/70452
• VENDOR_ADVISORYhttp://secunia.com/advisories/42933
• EXPLOIThttp://www.exploit-db.com/exploits/15986