CVE-2006-5568
FtpXQ Server 3.0.1 - Denial of Service via Long MKD Command
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-5568. PoCs published by Federico Fazzi.
AI-analyzed exploit summary This exploit triggers a denial-of-service (DoS) in FtpXQ Server by sending an overly long 'MKD' command, causing a buffer overflow. It requires authentication but leverages default test accounts for access.
Description
FtpXQ Server 3.0.1 allows remote attackers to cause a denial of service (CPU exhaustion) via a long MKD command.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Federico Fazzi · cdoswindows
https://www.exploit-db.com/exploits/28860
This exploit triggers a denial-of-service (DoS) in FtpXQ Server by sending an overly long 'MKD' command, causing a buffer overflow. It requires authentication but leverages default test accounts for access.
Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target:
FtpXQ Server 3.01
Auth required
Prerequisites:
network access to the FTP server · valid credentials (or default test accounts)
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/29778
Mailing List mailing-list
x_refsource_fulldisc
http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050335.html
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/1789
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/4192
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/22540
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/20721
Scores
EPSS
0.0342
EPSS Percentile
87.3%
Details
CWE
CWE-399
Status
published
Products (1)
datawizard/ftpxq
3.0.1
Published
Oct 27, 2006
Tracked Since
Feb 18, 2026