CVE-2008-6829
Vicftps - Improper Input Validation
Title source: ruleDescription
VicFTPS 5.0 allows remote attackers to cause a denial of service (crash) via a LIST command that starts with a "/\/" (forward slash, backward slash, forward slash). NOTE: this might be the same issue as CVE-2008-2031.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Alfons Luja · cdoswindows
https://www.exploit-db.com/exploits/6834
metasploit
WORKING POC
rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/windows/ftp/vicftps50_list.rb
Scores
EPSS
0.7022
EPSS Percentile
98.7%
Details
CWE
CWE-20
Status
published
Products (1)
vicftps/vicftps
5.0
Published
Jun 08, 2009
Tracked Since
Feb 18, 2026