YATinyWinFTP Denial-of-Service Vulnerability
Vulnerability
A denial-of-service vulnerability has been identified in YATinyWinFTP version 0.0.5. An attacker can crash the FTP service by sending a 272-byte buffer with a trailing space, which triggers a buffer overflow.
Impact
Exploitation of this vulnerability leads to a crash of the FTP service, causing a denial-of-service condition.
Reproduction
The vulnerability can be reproduced by connecting to the FTP service and sending a command that includes a 272-byte buffer with a trailing space. This can be done using a simple Python script that creates a socket connection to the FTP server, sends the malformed command, and then closes the connection.
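A defensive counterpart to the reproduction described above, as an added example that is not part of the original advisory: a line-length guard for the FTP control channel that a filtering proxy or log pipeline could apply, including the case where the oversized data arrives without a line terminator. The class name, the 255-byte limit and the sample bytes are assumptions constructed for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass, field

# Assumed policy limit for one control-channel line; not a value from the
# advisory. Tune it to the longest command the server legitimately needs.
MAX_LINE = 255

@dataclass
class Finding:
    reason: str
    length: int           # bytes in the offending line, CR/LF excluded
    trailing_space: bool  # the shape described in the advisory

@dataclass
class FtpLineInspector:
    """Reassemble FTP control-channel lines from TCP chunks and flag long ones."""
    max_line: int = MAX_LINE
    _buf: bytearray = field(default_factory=bytearray)

    def feed(self, chunk: bytes) -> list[Finding]:
        findings = []
        self._buf += chunk
        while (idx := self._buf.find(b"\n")) >= 0:
            line = bytes(self._buf[:idx]).rstrip(b"\r")
            del self._buf[: idx + 1]
            if len(line) > self.max_line:
                findings.append(Finding("oversized command line",
                                        len(line), line.endswith(b" ")))
        # The sender may close without ever sending CRLF, so also cap pending
        # data; clearing it keeps the inspector's own buffer bounded.
        if len(self._buf) > self.max_line:
            findings.append(Finding("unterminated oversized data",
                                    len(self._buf), self._buf.endswith(b" ")))
            self._buf.clear()
        return findings

if __name__ == "__main__":
    insp = FtpLineInspector()
    # Constructed sample traffic: a normal login split across chunks, then
    # 272 filler bytes ending in a space, delivered without a terminator.
    chunks = [b"USER anonymous\r\nPASS gu", b"est\r\n", b"A" * 271 + b" "]
    for c in chunks:
        for f in insp.feed(c):
            print(f)
```

A proxy using this guard would drop or reset the connection on the first finding rather than forward the line to the server.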
