Application: Hyperion FTP Server
Web Site: http://www.mollensoft.com
Versions: 3.0.0
Platform: Windows
Bug: Buffer Overflow.
Risk: Remote DOS and unauthorised remote access.
---------------------
1) Introduction
2) Bug
3) The Code
4) Fix
===============
1) Introduction
===============
Hyperion FTP Server is a powerful, reliable FTP server for
Windows95/98/NT/2000, and supports all basic FTP commands,
and much more, such as passive mode.
======
2) Bug
======
Buffer Overflow in the USER field.
Any remote attacker can cause DOS and in some cases get
unauthorised remote access to the server.
when sending a string in the user field with more than 931 chars.
===========
3) The Code
===========
telnet <server> 21
A * 931
connection closed.
--
server overflow will occur.
======
4) Fix
======
Mollensoft have been informed about this issue and released a new
version, however they did not gave it a new version number.
Anyone who is using version installed before 5/4/03 is advised
to download and install the new version.
_________________________________________________________________
The new MSN 8: advanced junk mail protection and 2 months FREE*
http://join.msn.com/?page=features/junkmail
DataSEC Advisory http://www.data-sec.com
-------------------------------------------------------
Application: Hyperion FTP Server
Web Site: http://www.mollensoft.com
Versions: 3.0.0
Platform: Windows
Bug: Buffer Overflow.
Risk: Remote DOS and unauthorised remote access.
---------------------
1) Introduction
2) Bug
3) The Code
4) Fix
===============
1) Introduction
===============
Hyperion FTP Server is a powerful, reliable FTP server for
Windows95/98/NT/2000, and supports all basic FTP commands,
and much more, such as passive mode.
======
2) Bug
======
Buffer Overflow in the USER field.
Any remote attacker can cause DOS and in some cases get
unauthorised remote access to the server.
when sending a string in the user field with more than 931 chars.
===========
3) The Code
===========
telnet <server> 21
A * 931
connection closed.
--
server overflow will occur.
======
4) Fix
======
Mollensoft have been informed about this issue and released a new
version, however they did not gave it a new version number.
Anyone who is using version installed before 5/4/03 is advised
to download and install the new version.
---------
Moran Zavdi
Security consultant
DataSEC
http://www.data-sec.com
moranz (at) datasecmail (dot) com [email concealed]
_________________________________________________________________
The new MSN 8: advanced junk mail protection and 2 months FREE*
http://join.msn.com/?page=features/junkmail
[ reply ]