FTPService.exe in Blackmoon FTP 3.1 Build 1735 and Build 1736 (3.1.7.1736), and possibly other versions before 3.1.8.1737, allows remote attackers to cause a denial of service (crash) via a large number of PORT commands with long arguments, which triggers a NULL pointer dereference. NOTE: some of these details are obtained from third party information.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Blackmoon_ftp_server | Blackmoonftpserver | 3.1 (including) | 3.1 (including) |
Blackmoon_ftp_server | Blackmoonftpserver | 3.1.7.1735 (including) | 3.1.7.1735 (including) |
Blackmoon_ftp_server | Blackmoonftpserver | 3.1.7.1736 (including) | 3.1.7.1736 (including) |