FTP Server v2.0 Denial of Service
Reported November 17, 1999 by USSRLABS
UssrLabs reported a denial of service vulnerability in Gene6"s G6 FTP Server caused by a buffer overflow condition.
When a user logs into the FTP server using a long user name (2000 chars) the service will begin consuming memory and CPU cycles until all resources have been exhausted. This causes the server to stop responding.
UssrLabs did not notify Gene6 of this problem, however the vendor has been made aware through other channels.
Discovered by USSRLABS
Posted here at NTSecurity.net on November 17, 1999