CVE-2008-5105

KarjaSoft Sami FTP Server 2.0.x - Denial of Service via Malformed FTP Commands

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-5105. PoCs published by Cod3rZ.

AI-analyzed exploit summary The exploit describes a denial-of-service vulnerability in Sami FTP Server 2.0 series, triggered by sending specific commands followed by 'AA'. The issue arises from improper handling of exceptional conditions.

Description

KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a denial of service (daemon crash or hang) via certain (1) APPE, (2) CWD, (3) DELE, (4) MKD, (5) RMD, (6) RETR, (7) RNFR, (8) RNTO, (9) SIZE, and (10) STOR commands.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Cod3rZ · textdoswindows

https://www.exploit-db.com/exploits/31205

View Code ZIP pw:eip

The exploit describes a denial-of-service vulnerability in Sami FTP Server 2.0 series, triggered by sending specific commands followed by 'AA'. The issue arises from improper handling of exceptional conditions.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Sami FTP Server 2.0 series

No auth needed

Prerequisites: Network access to the target FTP server · Standard FTP client or network utility

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/488198/100/200/threaded

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/27817

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/4603

Scores

EPSS 0.0272

EPSS Percentile 84.1%

Details

CWE

CWE-20

Status published

Products (3)

karjasoft/sami_ftp_server 2.0.0

karjasoft/sami_ftp_server 2.0.1

karjasoft/sami_ftp_server 2.0.2

Published Nov 17, 2008

Tracked Since Feb 18, 2026