[14207] in bugtraq


(BisonWare FTP Server V3.5 Roses Labs Security Advisory) is an old

daemon@ATHENA.MIT.EDU (Ussr Labs)
Wed Mar 8 04:22:49 2000

Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id:  <NCBBKFKDOLAGKIAPMILPCENLCCAA.labs@ussrback.com>
Date:         Tue, 7 Mar 2000 04:27:40 -0300
Reply-To: Ussr Labs <labs@USSRBACK.COM>
From: Ussr Labs <labs@USSRBACK.COM>
X-To:         BUGTRAQ <bugtraq@securityfocus.com>
To: BUGTRAQ@SECURITYFOCUS.COM

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ----------------------------------------------------------------------
- --------------------------------------------
		Roses Labs Security Advisory
                ----------------------------

  Author: Conde Vampiro
  Roses Labs Advisory Code: RLA002
  Date: 2/29/2000.
  Software: BisonWare FTP Server V3.5
  Platform: Windows 9x/NT.
  Risk: Remote buffer overflow that allows
  crashing the FTP Server. (It may also be
  possible to execute arbitrary code.)

  ------------
  Introduction
  ------------

	Bison FTP Server is an FTP server that
  runs on Windows platforms. An intruder can launch
  an attack that will crash the FTP server.

  ------
  Detail
  ------

	Sending a "LOGIN" & "PASSWORD" of 550 characters
  each, will crash the FTP Server. This is the error that
  the FTP will produce:

  "Exception EAccessViolation in module BISONFTP.EXE at
   0A0D4858. Access violation at address 0A0D5858. Read of
   address 0A0D5858."

  ----
  Code
  ----

	Warning: Neither Roses Labs nor the author accepts
  any responsibility for the use of this code. This code will
  crash the FTP server.

  ---	
  Fix
  ---

	This problem is fixed in V4.1 out soon.

  ----
  Note	
  ----

	This bug was found using Cyber Host
  Auditor (CHA). CHA is a security tool coded by
  The Roses Labs to discover in an easy way DoS &
  possible buffer overflows.

  Roses Labs / w00w00
  http://www.roses-labs.com
  Advanced Security Research.


- ----------------------------------------------------------------------
- --------------------------------------------

Ussr Labs released the advisory on 25/11/1999 reporting the
BisonWare FTP Server V3.5 problem; I don't know why,
but it was never posted in Bugtraq. (We sent the message.)

"Your message dated Wed, 24 Nov  1999 22:55:02 -0300 with subject
"Remote DoS Attack in BisonWare FTP Server V3.5 Vulnerability" has been
submitted to the moderator of the BUGTRAQ list: Elias Levy
<aleph1@SECURITYFOCUS.COM>."

But nobody posted it in Bugtraq.



http://www.ntsecurity.net/scripts/win2ks-l.asp?A2=IND9911D&L=WIN2KSECADVICE&F=&S=&P=1327
Remote DoS Attack in BisonWare FTP Server V3.5 Vulnerability (44 lines)
From: Ussr Labs <labs@USSRBACK.COM>
Date: Wed, 24 Nov 1999 22:52:41 -0300



http://www.ntsecurity.net/scripts/win2ks-l.asp?A2=IND9911D&L=WIN2KSECADVICE&F=&S=&P=1541
SV: Remote DoS Attack in BisonWare FTP Server V3.5 Vulnerability (69 lines)
From: Arne Vidstrom <winnt@BAHNHOF.SE>
Date: Thu, 25 Nov 1999 23:50:44 +0100



u n d e r g r o u n d  s e c u r i t y  s y s t e m s  r e s e a r c h
http://www.ussrback.com


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.2 for non-commercial use <http://www.pgp.com>

iQA/AwUBOMSvbNybEYfHhkiVEQJWNACgpocEeWJy5jLKYyJiimyC4+mKZhYAoLwU
v6dek/h+bVYxBu2QwXB6TWC8
=nTbQ
-----END PGP SIGNATURE-----
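
Added example (not part of the advisory and not BisonWare's code): the crash described under "Detail" comes from 550-character login and password arguments, so the server-side fix is to length-check every control-channel line before copying it into a fixed buffer. The function name parse_ftp_line, the 128-byte MAX_ARG limit and the choice of reply codes are assumptions of this sketch.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_VERB 4    /* FTP verbs such as USER and PASS are at most 4 letters */
#define MAX_ARG  128  /* assumed policy limit for a command argument */

struct ftp_cmd {
    char verb[MAX_VERB + 1];
    char arg[MAX_ARG + 1];
};

/* Parse one control-channel line of `len` bytes into `out`.
 * Returns 0 on success, otherwise the FTP reply code to send:
 * 500 for a malformed verb, 501 for an oversized or invalid argument. */
int parse_ftp_line(const char *line, size_t len, struct ftp_cmd *out)
{
    size_t i = 0, alen;

    while (len > 0 && (line[len - 1] == '\r' || line[len - 1] == '\n'))
        len--;                                  /* strip trailing CRLF */
    while (i < len && isalpha((unsigned char)line[i]))
        i++;                                    /* measure the verb */
    if (i == 0 || i > MAX_VERB || (i < len && line[i] != ' '))
        return 500;
    for (size_t k = 0; k < i; k++)
        out->verb[k] = (char)toupper((unsigned char)line[k]);
    out->verb[i] = '\0';

    if (i < len)
        i++;                                    /* skip the separating space */
    alen = len - i;
    if (alen > MAX_ARG)                         /* check length BEFORE copying */
        return 501;
    if (memchr(line + i, '\0', alen) != NULL)   /* reject embedded NUL bytes */
        return 501;
    memcpy(out->arg, line + i, alen);
    out->arg[alen] = '\0';
    return 0;
}

int main(void)
{
    struct ftp_cmd c;
    char big[5 + 550 + 1];                      /* constructed sample input */
    memcpy(big, "USER ", 5);
    memset(big + 5, 'A', 550);
    big[555] = '\0';
    printf("550-char USER -> %d\n", parse_ftp_line(big, 555, &c));
    printf("normal USER   -> %d\n", parse_ftp_line("USER ftp\r\n", 10, &c));
    return 0;
}
```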
