CVE-2004-0325

TYPSoft FTP Server 1.10 - Authenticated Denial of Service via Path Traversal Arguments

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0325. PoCs published by intuit bug_hunter.

AI-analyzed exploit summary This exploit demonstrates a remote denial of service vulnerability in TYPESoft FTP Server by sending malformed commands with excessive path traversal sequences. The server crashes when processing these commands, leading to a DoS condition.

Description

TYPSoft FTP Server 1.10 allows remote authenticated users to cause a denial of service (CPU consumption) via "//../" arguments to (1) mkd, (2) xmkd, (3) dele, (4) size, (5) retr, (6) stor, (7) appe, (8) rnfr, (9) rnto, (10) rmd, or (11) xrmd, as demonstrated using "//../qwerty".

Exploits (1)

exploitdb WORKING POC VERIFIED
by intuit bug_hunter · textdoswindows
https://www.exploit-db.com/exploits/23731

This exploit demonstrates a remote denial of service vulnerability in TYPESoft FTP Server by sending malformed commands with excessive path traversal sequences. The server crashes when processing these commands, leading to a DoS condition.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: TYPESoft FTP Server 1.10
No auth needed
Prerequisites: Network access to the vulnerable FTP server
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=107764173821905&w=2
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/9702
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15306

Scores

EPSS 0.0303
EPSS Percentile 86.0%

Details

Status published
Products (1)
typsoft/typsoft_ftp_server 1.10
Published Dec 31, 2004
Tracked Since Feb 18, 2026