CVE-2005-3294

Typsoft FTP Server < 1.11 - Denial of Service via Multiple RETR Commands

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2005-3294. PoCs published by emgent, Jeremiah Talamantes, wood.

AI-analyzed exploit summary This exploit triggers a denial of service in TYPSoft FTP Server v1.10 by sending malformed RETR commands. It establishes an FTP connection, logs in with test credentials, and sends two RETR commands with a single 'A' character as the argument, causing the server to crash.

Description

Typsoft FTP Server 1.11, with "Sub Directory Include" enabled, allows remote attackers to cause a denial of service (crash) by sending multiple RETR commands. NOTE: it was later reported that 1.10 is also affected.

Exploits (3)

exploitdb WORKING POC VERIFIED
by emgent · pythondoswindows
https://www.exploit-db.com/exploits/15860

This exploit triggers a denial of service in TYPSoft FTP Server v1.10 by sending malformed RETR commands. It establishes an FTP connection, logs in with test credentials, and sends two RETR commands with a single 'A' character as the argument, causing the server to crash.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: TYPSoft FTP Server v1.10
Auth required
Prerequisites: Network access to the target FTP server · Valid or test credentials for authentication
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Jeremiah Talamantes · pythondoswindows
https://www.exploit-db.com/exploits/12604

This exploit targets a denial-of-service (DoS) vulnerability in TYPSoft FTP Server 1.10 by sending a malformed RETR command with an oversized buffer. The exploit repeatedly connects to the FTP server and sends the payload, causing the service to crash.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: TYPSoft FTP Server 1.10
Auth required
Prerequisites: Network access to the FTP server · Valid FTP credentials
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by wood · perldoswindows
https://www.exploit-db.com/exploits/1251

This Perl script exploits a denial-of-service (DoS) vulnerability in TYPSoft FTP Server v1.11 by sending malformed RETR commands after authentication. The exploit establishes a TCP connection, logs in with provided credentials, and sends crafted RETR commands to trigger the crash.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: TYPSoft FTP Server <= v1.11
Auth required
Prerequisites: Network access to the FTP server · Valid FTP credentials
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (5)

Core 5
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17196
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/19992
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/15104
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/15860

Scores

EPSS 0.0768
EPSS Percentile 93.8%

Details

CWE
CWE-399
Status published
Products (1)
typsoft/typsoft_ftp_server < 1.11
Published Oct 23, 2005
Tracked Since Feb 18, 2026