TYPSoft FTP Server 1.10 allows remote authenticated users to cause a denial of service (CPU consumption) via //../ arguments to (1) mkd, (2) xmkd, (3) dele, (4) size, (5) retr, (6) stor, (7) appe, (8) rnfr, (9) rnto, (10) rmd, or (11) xrmd, as demonstrated using //../qwerty.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Typsoft_ftp_server | Typsoft | 1.10 (including) | 1.10 (including) |