|
Remote DoS Attack in BisonWare FTP Server V3.5 Vulnerability
Remote DoS Attack in BisonWare FTP Server V3.5 Vulnerability
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Date: Чт, 25 ноя 1999 04:55:02
От: Ussr Labs <labs@USSRBACK.COM>
Кому: BUGTRAQ@SECURITYFOCUS.COM
Тема: Remote DoS Attack in BisonWare FTP Server V3.5 Vulnerability
--------------------------------------------------------------------------------
Remote DoS Attack in BisonWare FTP Server V3.5 Vulnerability
PROBLEM
UssrLabs found a Local/Remote DoS Attack in BisonWare FTP Server V3.5,
the buffer overflow is caused by a long user name, 2000 characters,
There is not much to expand on.... just a simple hole
Example:
Go to: http://www.ussrback.com/biftps35/
For the source / binary of this remote / local D.O.S
Vendor Status:
Contacted.
Vendor Url: http://ourworld.compuserve.com/homepages/nick_barnes/
Program Url:
http://ourworld.compuserve.com/homepages/nick_barnes/ftpserve.htm
Credit: USSRLABS
SOLUTION
Nothing yet.
u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h
http://www.ussrback.com
|
