CVE-2007-1075

TurboFTP 5.30 Build 572 - Denial of Service via Newline Character Flood

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1075. PoCs published by Marsu.

AI-analyzed exploit summary This exploit targets TurboFTP 5.30 Build 572 with multiple DoS vulnerabilities, including handling responses with excessive newline characters and heap overflows triggered by long filenames or CWD commands. It simulates an FTP server to trigger the vulnerabilities when a client connects.

Description

TurboFTP 5.30 Build 572 allows remote servers to cause a denial of service (CPU consumption) via a response with a large number of newline characters.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Marsu · c++doswindows

https://www.exploit-db.com/exploits/3341

View Code ZIP pw:eip

This exploit targets TurboFTP 5.30 Build 572 with multiple DoS vulnerabilities, including handling responses with excessive newline characters and heap overflows triggered by long filenames or CWD commands. It simulates an FTP server to trigger the vulnerabilities when a client connects.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: TurboFTP 5.30 Build 572

No auth needed

Prerequisites: Network access to the target · Target must initiate an FTP connection to the attacker's server

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/33751

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/3341

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/22634

Scores

EPSS 0.0467

EPSS Percentile 89.6%

Details

Status published

Products (1)

turbosoft/turboftp 5.3.0 build_572

Published Feb 22, 2007

Tracked Since Feb 18, 2026