CVE-2001-1156

TYPSoft FTP 0.95 - Denial of Service via STOR or RETR Path Traversal

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-1156.

AI-analyzed exploit summary This Perl script exploits a denial-of-service (DoS) vulnerability in TYPSoft FTP Server <= v1.11 by sending malformed RETR commands after authentication. The exploit establishes a TCP connection, logs in with provided credentials, and sends crafted error codes to trigger the crash.

Description

TYPSoft FTP 0.95 allows remote attackers to cause a denial of service (CPU consumption) via a "../../*" argument to (1) STOR or (2) RETR.

Exploits (1)

exploitdb WORKING POC
perldoswindows
https://www.exploit-db.com/exploits/1251

This Perl script exploits a denial-of-service (DoS) vulnerability in TYPSoft FTP Server <= v1.11 by sending malformed RETR commands after authentication. The exploit establishes a TCP connection, logs in with provided credentials, and sends crafted error codes to trigger the crash.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: TYPSoft FTP Server <= v1.11
Auth required
Prerequisites: Network access to the target FTP server · Valid credentials for authentication
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (4)

Core 4
Core References
Various Sources x_refsource_confirm
http://membres.lycos.fr/typsoft/eng/history.html
Exploit, Vendor Advisory mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/219167
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3409
Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/7247.php

Scores

EPSS 0.0587
EPSS Percentile 90.8%

Details

Status published
Products (1)
typsoft/typsoft_ftp_server 0.95
Published Oct 08, 2001
Tracked Since Feb 18, 2026