CVE-2001-0688

Broker FTP Server 5.9.5.0 - Denial of Service via Invalid CD Command

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0688. PoCs published by byterage.

AI-analyzed exploit summary This Perl script exploits a denial-of-service vulnerability in Broker FTP Server 5.9.5.0 by sending repeated CWD commands with a malformed '. .' sequence, causing a buffer overflow and server crash.

Description

Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial of service by repeatedly issuing an invalid CD or CWD ("CD . .") command.

Exploits (1)

exploitdb WORKING POC VERIFIED

by byterage · perlremotewindows

https://www.exploit-db.com/exploits/20910

View Code ZIP pw:eip

This Perl script exploits a denial-of-service vulnerability in Broker FTP Server 5.9.5.0 by sending repeated CWD commands with a malformed '. .' sequence, causing a buffer overflow and server crash.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Broker FTP Server 5.9.5.0

Auth required

Prerequisites: Network access to the target FTP server · Valid credentials (or anonymous access)

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/2851

Exploit, Vendor Advisory mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/190032

Scores

EPSS 0.0509

EPSS Percentile 91.2%

Details

Status published

Products (7)

transsoft/broker_ftp_server 3.0_build_1

transsoft/broker_ftp_server 4.0

transsoft/broker_ftp_server 4.7.5.0

transsoft/broker_ftp_server 5.0

transsoft/broker_ftp_server 5.1

transsoft/broker_ftp_server 5.7

transsoft/broker_ftp_server 5.9.5.0

Published Sep 20, 2001

Tracked Since Feb 18, 2026