ID:3882 - Exploit for Input validation error in FTP Server - CVE-2017-6367

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:3882 - Exploit for Input validation error in FTP Server - CVE-2017-6367

ID:3882 - Exploit for Input validation error in FTP Server - CVE-2017-6367

Published: August 9, 2020


Vulnerability identifier: #VU39473
Vulnerability risk: Medium
CVE-ID: CVE-2017-6367
CWE-ID: CWE-20
Exploitation vector: Remote access
Vulnerable software:
FTP Server

Link to public exploit:


Vulnerability description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In Cerberus FTP Server 8.0.10.1, a crafted HTTP request causes the Windows service to crash. The attack methodology involves a long Host header and an invalid Content-Length header.


Remediation

Install update from vendor's website.