Tiny FTPd Multiple Buffer Overflow Vulnerabilities

This exploit will use the STOR overflow to create a registry key named 'backsection.net' in
HKEY_USERS\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ In that key it will create an entry named "http" with a value of "0". This will set IE to not apply security settings against pages coming from backsection.net . The exploit then starts IE and loads http://shadowpenguin.backsection.net/ocx/sample.html . ActiveX code will then pop up a message box.

This exploit was only tested on Windows 98 with IE5. Usage under Windows NT will require some editing of the registry key location.


 

Privacy Statement
Copyright 2010, SecurityFocus