module

VSFTPD 2.3.2 Denial of Service

Disclosed	Created
Feb 3, 2011	May 30, 2023

Disclosed

Feb 3, 2011

Created

May 30, 2023

Description

This module triggers a Denial of Service condition in the VSFTPD server in
versions before 2.3.3. So far, it has been tested on 2.3.0, 2.3.1, and 2.3.2.

Authors

Nick Cottrell (Rad10Logic) [email protected]
Anna Graterol [email protected]
Mana Mostaani [email protected]
Maksymilian Arciemowicz

References

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':


    msf > use auxiliary/dos/ftp/vsftpd_232
    msf auxiliary(vsftpd_232) > show actions
        ...actions...
    msf auxiliary(vsftpd_232) > set ACTION < action-name >
    msf auxiliary(vsftpd_232) > show options
        ...show and set options...
    msf auxiliary(vsftpd_232) > run

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report