CVE-2008-2031
published 2008-04-30

Priority: P4 31
CVSS 2.0: 5 (medium), vector AV:N/AC:L/Au:N/C:N/I:N/A:P
EXPLOIT
EPSS: 46.31% (98.7th percentile)
VicFTPS 5.0 allows remote attackers to cause a denial of service (crash) via a crafted LIST command, which triggers a NULL pointer dereference. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected

1 ranges
Vendor | Product | Version range | Fixed in
vicftps | vicftps | |

Detection & IOCs (extracted from sources)

command: LIST /\/
  • Alert on FTP LIST commands containing the '/\/' (slash-backslash-slash) pattern, which is the trigger for the VicFTPS 5.0 crash.
  • Monitor FTP sessions authenticating as 'Anonymous' with password '[email protected]' followed immediately by a malformed LIST command — this matches the PoC exploit's exact credential and attack sequence.
  • The Metasploit auxiliary module 'auxiliary/dos/windows/ftp/vicftps50_list' can be used to test exposure; detect its use by correlating FTP LIST DoS patterns against VicFTPS 5.0 banners.
  • The DoS only triggers after successful authentication; anonymous login must be enabled on the target VicFTPS 5.0 instance for the unauthenticated-style PoC to work. Disabling anonymous FTP access raises the bar for exploitation.
  • CVE-2008-2031 and CVE-2008-6829 may describe the same underlying issue; detections built for one should be validated against both CVE identifiers.
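
The first two detection bullets above, written as session-correlated logic over an FTP command log. This is an added example, not code from the original page or from any vendor tooling; the log format, session ids and sample lines are constructed assumptions.

```python
# Added example: session-aware detector for the LIST trigger described above.
TRIGGER = "/\\/"  # slash-backslash-slash, the pattern named on the page

# Constructed sample log as (session_id, client_command) pairs; the format is assumed.
SAMPLE_LOG = [
    ("s1", "USER Anonymous"),
    ("s1", "PASS guest@example.invalid"),
    ("s1", "LIST /\\/"),
    ("s2", "USER alice"),
    ("s2", "PASS not-a-real-password"),
    ("s2", "LIST /pub/docs"),
    ("s3", "USER anonymous"),
    ("s3", "PASS x@example.invalid"),
    ("s3", "CWD /pub"),
    ("s3", "list  /pub/\\/x"),
]

def detect(events):
    """Return one alert per LIST command whose argument contains TRIGGER."""
    sessions, alerts = {}, []
    for sid, line in events:
        verb, _, arg = line.strip().partition(" ")
        verb, arg = verb.upper(), arg.strip()  # FTP verbs are case-insensitive
        st = sessions.setdefault(sid, {"user": None, "pass_seen": False, "since": 0})
        if verb == "USER":
            st.update(user=arg, pass_seen=False, since=0)
        elif verb == "PASS":
            # Only client commands are logged here, so this marks a login attempt.
            st.update(pass_seen=True, since=0)
        else:
            st["since"] += 1
            if verb == "LIST" and TRIGGER in arg:
                anon = (st["user"] or "").lower() == "anonymous"
                immediate = st["pass_seen"] and st["since"] == 1
                alerts.append({
                    "session": sid,
                    "user": st["user"],
                    "argument": arg,
                    # Anonymous login followed at once by the LIST is the sequence
                    # the page attributes to the PoC, so rank it higher.
                    "severity": "high" if anon and immediate else "medium",
                })
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

Matching on the LIST argument alone keeps coverage when the login differs from the PoC's; the session state only adjusts severity.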