CVE-1999-1156
published 1999-05-17CVE-1999-1156: BisonWare FTP Server 4.1 and earlier allows remote attackers to cause a denial of service via a malformed PORT command that contains a non-numeric character…
PriorityP412medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
1.27%
66.2th percentile
BisonWare FTP Server 4.1 and earlier allows remote attackers to cause a denial of service via a malformed PORT command that contains a non-numeric character and a large number of carriage returns.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bisonware | bisonware_ftp_server | <= 4.1 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
BisonWare FTP Server up to 4.1 PORT Command denial of service (XFDB-2254 / SBV-2170)
vuldb·2026-04-19·CVSS 5.0
CVE-1999-1156 [MEDIUM] BisonWare FTP Server up to 4.1 PORT Command denial of service (XFDB-2254 / SBV-2170)
A vulnerability labeled as problematic has been found in BisonWare FTP Server up to 4.1. This affects an unknown part of the component PORT Command Handler. Such manipulation leads to denial of service.
This vulnerability is traded as CVE-1999-1156. The attack may be launched remotely. Furthermore, there is an exploit available.
GHSA
GHSA-phmx-3wr6-q2h6: BisonWare FTP Server 4
ghsa_unreviewed·2022-04-30
CVE-1999-1156 [MEDIUM] GHSA-phmx-3wr6-q2h6: BisonWare FTP Server 4
BisonWare FTP Server 4.1 and earlier allows remote attackers to cause a denial of service via a malformed PORT command that contains a non-numeric character and a large number of carriage returns.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
1999-05-17
Published