FTP Server Subject to DoS
Reported November 22, 1999 by USSRLABS
USSRLabs discovered a denial of service condition in
Vermillion FTP Daemon (VFTPD) v1.23 caused by a buffer overflow condition in the CWD
By send a CWD command three times in a row with a command
buffer of exactly 504 characters, the server can be made to crash.
Where buffer is 504 characters.
UssrLabs notified Arcane Software about this problem, however no response is unknown at this time.
Discovered by USSRLABS
Posted here at NTSecurity.net on November 22, 1999