My tool is written in Python and exploits the CVE-2007-5962 vulnerability to perform a series of directory changes that crash the ftp daemon.
*** DISCLAIMER!!! *** Please note that the use of hacking tools without authorization is illegal and could result in legal problems. Therefore, it is important to use this tool only for testing purposes on systems where you have permission to act.
-
firewall disabled or compromised
-
the attacker must know the username and password of an ftp account
-
ftp passwords travel unencrypted and could be sniffed
vsftpd 2.0.5 - 'CWD' (Authenticated) Remote Memory Consumption