[42451] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

SamiFTPd buffer overflow

daemon@ATHENA.MIT.EDU (admin@critical.lt)
Thu Jan 26 12:12:15 2006

Date: 24 Jan 2006 19:58:19 -0000
Message-ID: <20060124195819.1491.qmail@securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: admin@critical.lt
To: bugtraq@securityfocus.com

Sami FTP server buffer overflow
Critical Security advisory #007 - 2006-01-24 16:20:08

Product: Sami FTP 2.0.1 
Vuln type: Stack based buffer overflow 
Risk:  Moderate
Attack: Remote 
Original advisory: http://www.critical.lt/?vulnerabilities/208

Sami FTP Server buffer overflow vulnerability 

Product site: http://www.karjasoft.com/samiftp 

Server is affected by a buffer overflow due to insufficient sanitization of user input, vulnerable parameter - USER. Vulnerability 
is triggered when someone tries to view server log. 

Proof Of Concept code execution exploit: 
http://www.critical.lt/research/sami_ftp_poc.txt


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[42451] in bugtraq

SamiFTPd buffer overflow

daemon@ATHENA.MIT.EDU (admin@critical.lt)Thu Jan 26 12:12:15 2006

daemon@ATHENA.MIT.EDU (admin@critical.lt)
Thu Jan 26 12:12:15 2006