File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 1+ [basic ]
2+ description = " BisonWare FTP Server 4.1 及更早版本存在输入验证缺陷,远程攻击者无需身份认证即可通过向目标 FTP 服务的 PORT 命令发送包含非数字字符及大量回车符的恶意数据包,触发服务器崩溃或服务中断,导致拒绝服务。该漏洞影响 BisonWare FTP Server 4.1 及之前的所有版本,CVSS 评分 5.0,危害等级中等。"
3+ published = " 1999-05-17T04:00:00.000"
4+ remediation = " 厂商 BisonWare 已停止运营,无官方补丁可用。建议立即升级到 BisonWare FTP Server 4.1 以上版本(如 5.0 或更高版本存在),或迁移至仍在维护的 FTP 服务器软件(如 FileZilla Server、ProFTPD 等)。临时缓解措施:在防火墙上限制 FTP 服务端口的访问来源 IP 范围,仅允许受信任网络连接,并在网络层部署入侵检测规则拦截格式异常的 PORT 命令。"
5+ score = 5
6+ severity = " MEDIUM"
7+ sources = [" cve" ]
8+ title = " BisonWare FTP Server 拒绝服务漏洞"
9+ updated = " 2026-06-16T21:49:50.407"
10+
11+ [exploit ]
12+ exp_urls = []
13+ poc_urls = []
14+
15+ [id ]
16+ aliases = [" CVE-1999-1156" ]
17+ ave_id = " AVE-1999-0985"
18+
19+ [meta ]
20+ collected_at = " 2026-07-14T00:00:00Z"
21+ status = " completed"
22+
23+ [references ]
24+ urls = [" https://exchange.xforce.ibmcloud.com/vulnerabilities/2254" ]
You can’t perform that action at this time.
0 commit comments