CVEs-PoC/2006/CVE-2006-5789.md

### [CVE-2006-5789](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5789)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

War FTP Daemon (WarFTPd) 1.82.00-RC11 allows remote authenticated users to cause a denial of service via a large number of "%s" format strings in (1) CWD, (2) CDUP, (3) DELE, (4) NLST, (5) LIST, (6) SIZE, and possibly other commands.  NOTE: it is possible that vector 1 is an off-by-one variant or incomplete fix of CVE-2005-0312.

### POC

#### Reference
- http://securityreason.com/securityalert/1832

#### Github
No PoCs found on GitHub currently.