Skip to content

Commit c038df0

Browse files
committed
add: AVE-1999-0985
1 parent aa59e26 commit c038df0

1 file changed

Lines changed: 24 additions & 0 deletions

File tree

vulns/1999/AVE-1999-0985.toml

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,24 @@
1+
[basic]
2+
description = "BisonWare FTP Server 4.1 及更早版本存在输入验证缺陷,远程攻击者无需身份认证即可通过向目标 FTP 服务的 PORT 命令发送包含非数字字符及大量回车符的恶意数据包,触发服务器崩溃或服务中断,导致拒绝服务。该漏洞影响 BisonWare FTP Server 4.1 及之前的所有版本,CVSS 评分 5.0,危害等级中等。"
3+
published = "1999-05-17T04:00:00.000"
4+
remediation = "厂商 BisonWare 已停止运营,无官方补丁可用。建议立即升级到 BisonWare FTP Server 4.1 以上版本(如 5.0 或更高版本存在),或迁移至仍在维护的 FTP 服务器软件(如 FileZilla Server、ProFTPD 等)。临时缓解措施:在防火墙上限制 FTP 服务端口的访问来源 IP 范围,仅允许受信任网络连接,并在网络层部署入侵检测规则拦截格式异常的 PORT 命令。"
5+
score = 5
6+
severity = "MEDIUM"
7+
sources = ["cve"]
8+
title = "BisonWare FTP Server 拒绝服务漏洞"
9+
updated = "2026-06-16T21:49:50.407"
10+
11+
[exploit]
12+
exp_urls = []
13+
poc_urls = []
14+
15+
[id]
16+
aliases = ["CVE-1999-1156"]
17+
ave_id = "AVE-1999-0985"
18+
19+
[meta]
20+
collected_at = "2026-07-14T00:00:00Z"
21+
status = "completed"
22+
23+
[references]
24+
urls = ["https://exchange.xforce.ibmcloud.com/vulnerabilities/2254"]

0 commit comments

Comments
 (0)