CVE-2000-0648

WFTPD and WFTPD Pro 2.41 - Denial of Service via RNTO Command Without RNFR

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0648. PoCs published by Blue Panda.

AI-analyzed exploit summary This exploit triggers a denial-of-service in WFTPD/WFTPD Pro 2.41 RC10 by sending an RNTO command without first issuing an RNFR command, causing the server to crash. The PoC uses a simple Perl script to establish an FTP connection and send the malformed sequence.

Description

WFTPD and WFTPD Pro 2.41 allows local users to cause a denial of service by executing the RENAME TO (RNTO) command before a RENAME FROM (RNFR) command.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Blue Panda · perldoswindows

https://www.exploit-db.com/exploits/20069

View Code ZIP pw:eip

This exploit triggers a denial-of-service in WFTPD/WFTPD Pro 2.41 RC10 by sending an RNTO command without first issuing an RNFR command, causing the server to crash. The PoC uses a simple Perl script to establish an FTP connection and send the malformed sequence.

Classification

Working Poc 100%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: WFTPD/WFTPD Pro 2.41 RC10

Auth required

Prerequisites: Network access to the FTP server · Valid credentials (even anonymous)

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/templates/archive.pike?list=1&msg=E13BvU6-0007d8-00%40dwarf.box.sk

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/1456

Scores

EPSS 0.0360

EPSS Percentile 88.0%

Details

Status published

Products (1)

texas_imperial_software/wftpd 2.4.1

Published Jul 11, 2000

Tracked Since Feb 18, 2026