CVE-2008-4136

Michael Roth Software Personal FTP Server 6.0f - Denial of Service via Multiple RETR Commands

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-4136. PoCs published by Shinnok.

AI-analyzed exploit summary This exploit targets a denial-of-service vulnerability in Personal FTP Server 6.0f by sending multiple RETR commands with overly long filenames, causing the server to crash. It authenticates with provided credentials and sends progressively larger buffers to trigger the crash.

Description

Michael Roth Software Personal FTP Server (PFT) 6.0f allows remote attackers to cause a denial of service (service crash) via multiple RETR commands, possibly involving long filenames.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Shinnok · cdoswindows

https://www.exploit-db.com/exploits/6458

View Code ZIP pw:eip

This exploit targets a denial-of-service vulnerability in Personal FTP Server 6.0f by sending multiple RETR commands with overly long filenames, causing the server to crash. It authenticates with provided credentials and sends progressively larger buffers to trigger the crash.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Personal FTP Server 6.0f

Auth required

Prerequisites: Network access to the target FTP server · Valid credentials for authentication

MITRE ATT&CK