CVE-2000-0645

WFTPD and WFTPD Pro 2.41 - Denial of Service via RESTART Command

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0645. PoCs published by Blue Panda.

AI-analyzed exploit summary This exploit triggers a denial-of-service (DoS) in WFTPD/WFTPD Pro versions prior to 2.41 RC11 by sending a malformed sequence of FTP commands (REST followed by STOU). The server crashes due to improper handling of the REST command when used with STOU.

Description

WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by using the RESTART (REST) command and writing beyond the end of a file, or writing to a file that does not exist, via commands such as STORE UNIQUE (STOU), STORE (STOR), or APPEND (APPE).

Exploits (1)

exploitdb WORKING POC VERIFIED
by Blue Panda · perldoswindows
https://www.exploit-db.com/exploits/20101

This exploit triggers a denial-of-service (DoS) in WFTPD/WFTPD Pro versions prior to 2.41 RC11 by sending a malformed sequence of FTP commands (REST followed by STOU). The server crashes due to improper handling of the REST command when used with STOU.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: WFTPD/WFTPD Pro < 2.41 RC11
Auth required
Prerequisites: Network access to the FTP server · Valid FTP credentials (even anonymous)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-07/0295.html
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/1506

Scores

EPSS 0.0483
EPSS Percentile 90.9%

Details

Status published
Products (4)
texas_imperial_software/wftpd 2.4.1
texas_imperial_software/wftpd 2.4.1_rc11
texas_imperial_software/wftpd 2.34
texas_imperial_software/wftpd 2.40
Published Jul 21, 2000
Tracked Since Feb 18, 2026