=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


    Date: Чт, 04 ноя 1999  22:59:26

   От: Alberto Soliсo 

 Кому: BUGTRAQ@SECURITYFOCUS.COM

 Тема: Re: WFTPD v2.40 FTPServer remotely exploitable buffer   overflow vulnerability

--------------------------------------------------------------------------------




Hi:



This message attaches a workeable WFTPD 2.34 exploit for WIN NT 4.0

[SP3-4], Windows 95, Windows 98.



In order to make it work, the attacker must have access (eg: the exploit

works with anonymous access but it's easy to change, look at the source

code).



An interesting point is that if you don't have an account on the server

and also tries to run the exploit the server stops answering requests

and

makes a GPF when the administrator of the server exits WFTPD.





-- 

==================[ CORE Seguridad de la Informacion S.A. ]=========

Alberto Soliсo                        email   : asolino@core-sdi.com

Pte. Juan D. Peron 315 Piso 4 UF 17             www.core-sdi.com

1038 Capital Federal

Buenos Aires, Argentina.              Tel/Fax : +(54.11)43.31.54.02

Casilla de Correos 877 (1000) Correo Central

====================================================================

--

"Simplicity is the highest goal, achievable when you have overcome 

all difficulties." F. Chopin