CVE-2006-6558 - Crob FTP Server 3.6.1 b.263 allows remote attackers to cause a denial of service via a long series o

CVE-2006-6558

Summary

Crob FTP Server 3.6.1 b.263 allows remote attackers to cause a denial of service via a long series of "?A" sequences in the (1) LIST and possibly (2) NLST command.

References

http://secunia.com/advisories/23365
http://www.securityfocus.com/bid/13848
http://www.vupen.com/english/advisories/2006/4994
https://exchange.xforce.ibmcloud.com/vulnerabilities/30867
https://www.exploit-db.com/exploits/2926

Vulnerable Configurations

cpe:2.3:a:crob:crob_ftp_server:3.6.1_b.263:*:*:*:*:*:*:*
cpe:2.3:a:crob:crob_ftp_server:3.6.1_b.263:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 19-10-2017 - 01:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bid	13848
exploit-db	2926
secunia	23365
vupen	ADV-2006-4994
xf	crob-list-dos(30867)

Last major update

19-10-2017 - 01:29

Published

14-12-2006 - 18:28

Last modified

19-10-2017 - 01:29