[12677] in bugtraq

home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Remote DoS Attack in Vermillion FTP Daemon (VFTPD) v1.23

daemon@ATHENA.MIT.EDU (Ussr Labs)
Mon Nov 22 14:46:53 1999

Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id:  <NCBBKFKDOLAGKIAPMILPCENOCAAA.labs@ussrback.com>
Date:         Mon, 22 Nov 1999 10:08:39 -0300
Reply-To: Ussr Labs <labs@USSRBACK.COM>
From: Ussr Labs <labs@USSRBACK.COM>
X-To:         BUGTRAQ <bugtraq@securityfocus.com>
To: BUGTRAQ@SECURITYFOCUS.COM

Remote DoS Attack in Vermillion FTP Daemon (VFTPD) v1.23 Vulnerability

PROBLEM

UssrLabs found a Local/Remote DoS Attack in Vermillion FTP Daemon (VFTPD)
v1.23,
The buffer overflow is caused by a 3 times long cwd, 504 characters,

Example:
[gimmemore@itsme]$ telnet example.com 21
Trying example.com...
Connected to example.com.
Escape character is '^]'.
220 itsme FTP Server (vftpd 1.23) ready.
USER itsme
PASS ******
CWD (buffer)
CWD (buffer)
CWD (buffer)

Overflow.

For the source / binary of this remote / local D.O.S

Vendor Status:

Contacted

vendor: ARCANE SOFTWARE

Vendor   Url:  http://www.arcanesoft.com/
Program Url: http://www.arcanesoft.com/files/vftpd123.exe

Credit: USSRLABS

SOLUTION
    Nothing yet.

u n d e r g r o u n d  s e c u r i t y  s y s t e m s  r e s e a r c h
http://www.ussrback.com

home	help	back	first	fref	pref	prev	next	nref	lref	last	post