CVE-2006-6751

XM Easy Personal FTP Server <5.2.1 - DoS

Title source: llm

Description

Format string vulnerability in XM Easy Personal FTP Server 5.2.1 allows remote attackers to cause a denial of service (application crash) via format string specifiers in the USER command or certain other available or nonexistent commands. NOTE: It was later reported that 5.3.0 is also vulnerable.

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · pythondoswindows

https://www.exploit-db.com/exploits/2978

View Code ZIP pw:eip

References (6)

Core 6

Core References

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2007/0786

Third Party Advisory, VDB Entry x_refsource_misc

http://downloads.securityfocus.com/vulnerabilities/exploits/22747.pl

Exploit x_refsource_misc

http://downloads.securityfocus.com/vulnerabilities/exploits/18632.txt

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/22747

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/31140

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/18632

Scores

EPSS 0.0562

EPSS Percentile 90.4%

Details

CWE

CWE-134

Status published

Products (2)

dxmsoft/xm_easy_personal_ftp_server 5.2.1

dxmsoft/xm_easy_personal_ftp_server 5.3

Published Dec 27, 2006

Tracked Since Feb 18, 2026