CVE-2006-6624

Sambar Server 6.4 - Authenticated Denial of Service via FTP SIZE Command

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-6624. PoCs published by rgod.

AI-analyzed exploit summary This exploit triggers a denial of service (DoS) in Sambar FTP Server 6.4 by sending a malformed SIZE command with a long string of './' characters, causing an access violation. The PoC demonstrates the crash via a socket connection to the FTP service.

Description

The FTP Server in Sambar Server 6.4 allows remote authenticated users to cause a denial of service (application crash) via a long series of "./" sequences in the SIZE command.

Exploits (1)

exploitdb WORKING POC VERIFIED

by rgod · phpdoswindows

https://www.exploit-db.com/exploits/2934

View Code ZIP pw:eip

This exploit triggers a denial of service (DoS) in Sambar FTP Server 6.4 by sending a malformed SIZE command with a long string of './' characters, causing an access violation. The PoC demonstrates the crash via a socket connection to the FTP service.

Classification

Working Poc 100%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Sambar FTP Server 6.4

Auth required

Prerequisites: Network access to the FTP service · Valid FTP credentials

MITRE ATT&CK