Info

Disclosure

Oct 13, 2008

Discovery

Unknown

Dates

Exploit

Oct 13, 2008

Solution

Unknown

Description

RaidenFTPD contains a flaw that may allow a remote denial of service. The issue is triggered when a long CWD argument is passed as well as a MLST argument , and will result in loss of availability for the service.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity, Loss of Availability
Exploit: Exploit Public
Disclosure: OSVDB Verified, Uncoordinated Disclosure
OSVDB: Web Related

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

Team John Long

RaidenFTPD

2.4.3615

References

CVE ID: 2008-6186 (see also: NVD)
Bugtraq ID: 31741
Secunia Advisory ID: 32216
Exploit Database: 6742
Milw0rm: 6742
VUPEN Advisory: ADV-2008-2804
Vendor URL: http://www.raidenftpd.com/en/

Credit

dmnt -

Direct URL: http://osvdb.org/49087