Reported August 07, 2003, by ZeroX.



VERSIONS AFFECTED

Crob FTP Server 2.60.1

DESCRIPTION

A Denial of Service (DoS) vulnerability exists in Crob FTP Server 2.60.1. If an attacker sends the FTP server a file whose name contains words such as CON, AUX, COM1, LPT1, the server might stop responding to legitimate requests.

VENDOR RESPONSE

Crob Software Studio has been notified.
 

CREDIT

Discovered by Zero X.