CVE-2006-5789
WarFTPd 1.82.00-RC11 - Authenticated Denial of Service via Format String in FTP Commands
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-5789. PoCs published by Joxean Koret.
AI-analyzed exploit summary: This exploit targets a denial-of-service vulnerability in WAR-FTPD by sending an overly long string to the CWD command, causing the server to crash. The PoC connects anonymously and verifies the exploit by attempting to reconnect.
Description
War FTP Daemon (WarFTPd) 1.82.00-RC11 allows remote authenticated users to cause a denial of service via a large number of "%s" format strings in (1) CWD, (2) CDUP, (3) DELE, (4) NLST, (5) LIST, (6) SIZE, and possibly other commands. NOTE: it is possible that vector 1 is an off-by-one variant or incomplete fix of CVE-2005-0312.