|
=0A=0A=0A=0ADiscovery Date: Nov 14, 2009 =0ARisk: Important =0AAffected Software: =0A=09* Wing FTP Server 3.1.2 =0ADescription:=0A=0A=0AThere is a Denial of Service =0A(DoS) vulnerability that exists in Wing FTP Server 3.1.2. The =0Asaid vulnerability can be exploited by using an invalid parameter for =0APORT command. When exploited successfully, the vulnerability could cause FTP server using the said software to crash.=0AWing FTP Server 3.1.2 on a Windows environment is affected. =0AOther versions may also be affected. =0A=0APatch Information:=0A=0A=0AMore =0Ainformation on the patch can be found in the following page:=0A=09* Wing FTP =0AServer History=0ADiscovered by:=0ASumit Kumar Soni , Trend Micro=0ARead more about this threat incident in the Malware Blog entry "Trend Micro Discovers Wing FTP Server PORT Command DoS Bug." hxxp://threatinfo.trendmicro.com/vinfo/SecAdvisories/default6.asp?VNAME=Wing+FTP+Server+PORT+Command+DoS+Vulnerability&Page=2=0A=0Ahxxp://voidroot.blogspot.com/2010/06/wing-ftp-server-port-command-dos.html=0A=0A