CVE-2001-0932

Cooolsoft PowerFTP Server 2.03 - Buffer Overflow via Long Command

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2001-0932. PoCs published by Alex Hernandez, alt3kx.

AI-analyzed exploit summary This exploit targets a denial-of-service vulnerability in PowerFTP Server v2.03 by sending an excessive number of 'NLST a:/' commands, causing the server to hang. The PoC demonstrates the issue but does not confirm arbitrary code execution.

Description

Buffer overflow in Cooolsoft PowerFTP Server 2.03 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long command.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Alex Hernandez · perldoswindows
https://www.exploit-db.com/exploits/21163

This exploit targets a denial-of-service vulnerability in PowerFTP Server v2.03 by sending an excessive number of 'NLST a:/' commands, causing the server to hang. The PoC demonstrates the issue but does not confirm arbitrary code execution.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: PowerFTP Server v2.03
Auth required
Prerequisites: Network access to the target FTP server · Valid credentials for authentication
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Alex Hernandez · perldoswindows
https://www.exploit-db.com/exploits/21162

This Perl script exploits a denial-of-service vulnerability in PowerFTP Server v2.03 by sending an excessively long FTP command (2048 bytes of 'A' characters). The exploit establishes a TCP connection to the FTP port and sends the malformed data, causing the server to crash.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: PowerFTP Server v2.03
No auth needed
Prerequisites: Network access to the target FTP server
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec STUB
by alt3kx · poc
https://github.com/alt3kx/CVE-2001-0932

The repository contains only a README file with references to Exploit-DB entries for CVE-2001-0932 but no actual exploit code or technical details. It serves as a placeholder without functional PoC or analysis.

Classification
Stub 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Theoretical
Target: Cooolsoft PowerFTP Server 2.0 3/2.10
No auth needed
Prerequisites: Network access to the vulnerable PowerFTP Server
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3595
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=100698397818175&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/7616

Scores

EPSS 0.2264
EPSS Percentile 97.4%

Details

Status published
Products (1)
cooolsoft/powerftp 2.03
Published Nov 28, 2001
Tracked Since Feb 18, 2026