CVE-1999-0362 in WS_FTP Serverinfo

Summary

by MITRE

WS_FTP server remote denial of service through cwd command.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 10/26/2025

The WS_FTP server remote denial of service vulnerability represents a critical security flaw in the widely used file transfer protocol implementation that affects systems running the WS_FTP server software. This vulnerability specifically targets the Change Working Directory command within the File Transfer Protocol interface, allowing remote attackers to disrupt service availability without requiring authentication or privileged access. The flaw demonstrates a fundamental weakness in input validation and resource management within the server's command processing mechanism, creating a scenario where legitimate service operations can be terminated through carefully crafted malicious commands.

The technical exploitation of this vulnerability occurs when a remote attacker sends a malformed or excessively long CWD command to the WS_FTP server, causing the server process to crash or become unresponsive. This type of denial of service attack falls under the category of resource exhaustion or process termination vulnerabilities, where the server fails to properly handle exceptional input conditions. The vulnerability stems from inadequate bounds checking and error handling within the server's FTP protocol implementation, particularly in how it processes directory change requests. The flaw represents a classic example of a buffer over-read or improper state management issue that can be exploited to terminate legitimate service operations.

The operational impact of this vulnerability extends beyond simple service disruption to potentially affect business continuity and operational availability for organizations relying on WS_FTP server implementations. When exploited successfully, the denial of service condition can render file transfer services completely inaccessible to legitimate users, affecting data exchange operations, automated file processing workflows, and remote access capabilities. This vulnerability particularly impacts environments where WS_FTP server is deployed as a critical infrastructure component for file sharing, data synchronization, or remote system administration tasks. The remote nature of the attack means that systems can be compromised from anywhere on the network without requiring physical access or prior authentication, making it a significant threat to operational security.

Organizations affected by this vulnerability should implement immediate mitigations including network segmentation to restrict access to FTP services, deployment of firewall rules to limit FTP command access, and application of vendor-provided patches or updates. The vulnerability aligns with CWE-122, which addresses buffer overflow conditions in memory management, and represents a specific instance of improper input validation that can lead to service disruption. From an ATT&CK framework perspective, this vulnerability maps to the T1499.004 technique for network denial of service attacks, where adversaries leverage weaknesses in network services to disrupt availability. System administrators should also consider implementing intrusion detection systems to monitor for suspicious FTP command patterns and establish redundant file transfer solutions to maintain operational continuity during potential exploitation events.

Disclosure

02/02/1999

Moderation

accepted

Entry

VDB-14480

CPE

ready

EPSS

0.02052

KEV

no

Activities

very low

Sources

Interested in the pricing of exploits?

See the underground prices here!