[5386] in bugtraq
Re: DOS PC FTP SERVER
daemon@ATHENA.MIT.EDU (David LeBlanc)
Mon Oct 13 11:38:00 1997
Date: Mon, 13 Oct 1997 09:30:52 -0400
Reply-To: David LeBlanc <dleblanc@MINDSPRING.COM>
From: David LeBlanc <dleblanc@MINDSPRING.COM>
X-To: Efrain Torres Mejia <etorres@pollux.javeriana.edu.co>
To: BUGTRAQ@NETSPACE.ORG
At 05:50 PM 10/11/97 -0500, Efrain Torres Mejia wrote:
>Im sure this will work on others pc ftp servers for windoze
>Program: WinQVT/NET
>Version: All versions.. 16 and 32 bits
>Exploit: Just Send a OOB (Out of Band) to port 21,
A patched version of NT 4.0 isn't vulnerable to this running MS's FTP
server. I haven't had a chance to test an unpatched server, but IIRC, I
did check the FTP port when the OOB problem was first reported and it
didn't cause a crash.
I would suspect that this could be a DOS/Win problem in general, and might
not be specific to the WinQVT package.
David LeBlanc |Why would you want to have your desktop user,
dleblanc@mindspring.com |your mere mortals, messing around with a 32-bit
|minicomputer-class computing environment?
|Scott McNealy
