Test ID:	1.3.6.1.4.1.25623.1.0.52000
Category:	FTP
Title:	ProFTPD STAT Command Denial Of Service Vulnerability
Summary:	NOSUMMARY
Description:	Description: The remote FTP server according to its version number, is a ProFTPD server vulnerable to a Denial of Service attack via a specially formatted STAT or ls commands Versions prior to 1.2.2 are vulnerable. Solution : Upgrade to 1.2.2 or later. Risk factor : High
Cross-Ref:	BugTraq ID: 6341 Common Vulnerability Exposure (CVE) ID: CVE-2001-0318 Bugtraq: 20010110 proftpd 1.2.0rc2 -- example of bad coding (Google Search) http://marc.info/?l=bugtraq&m=97916525715657&w=2 Bugtraq: 20010206 Response to ProFTPD issues (Google Search) http://archives.neohapsis.com/archives/bugtraq/2001-02/0117.html Conectiva Linux advisory: CLA-2001:380 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000380 Debian Security Information: DSA-029 (Google Search) http://www.debian.org/security/2001/dsa-029 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-021.php3 XForce ISS Database: proftpd-format-string(6433) https://exchange.xforce.ibmcloud.com/vulnerabilities/6433
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.