CVE-2006-0357

Cerberus FTP Server 2.32 - Denial of Service via Long Invalid FTP Command String

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-0357. PoCs published by pi3ch.

AI-analyzed exploit summary: This exploit targets Cerberus FTP Server <= v2.32 by sending a large volume of crafted data to trigger a denial-of-service condition. It establishes a TCP connection and floods the server with repeated requests containing junk data.

Description

Grant Averett Cerberus FTP Server 2.32, and possibly earlier versions, allows remote attackers to cause an unspecified denial of service via a long string that does not contain a valid FTP command.

Exploits (1)

exploitdb WORKING POC VERIFIED
by pi3ch · c · dos · windows
https://www.exploit-db.com/exploits/1422


Classification: Working Poc 95%
Attack Type: Dos
Complexity: Trivial
Reliability: Reliable
Target: Cerberus FTP Server <= v2.32
No auth needed
Prerequisites: Network access to the target FTP server
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Exploit, Vendor Advisory x_refsource_misc
http://www.kapda.ir/advisory-210.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/24226
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/422162/100/0/threaded
Various Sources x_refsource_misc
http://www.cerberusftp.com/cerberus-releasenotes.htm

Scores

EPSS 0.0306
EPSS Percentile 85.9%

Details

Status published
Products (1)
grant_averett/cerberus_ftp_server 2.32
Published Jan 22, 2006
Tracked Since Feb 18, 2026