[16450] in bugtraq
[EXPL] GoodTech's FTP Server vulnerable to a DoS (RNTO)
daemon@ATHENA.MIT.EDU (Aviram Jenik)
Wed Aug 30 17:31:06 2000
MIME-version: 1.0
Content-type: text/plain; charset="Windows-1252"
Content-transfer-encoding: 7bit
Message-ID: <02ff01c0124c$e9387660$0201a8c0@aviram>
Date: Wed, 30 Aug 2000 08:38:30 +0200
Reply-To: Aviram Jenik <aviram@BEYONDSECURITY.COM>
From: Aviram Jenik <aviram@BEYONDSECURITY.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
The following security advisory is sent to the securiteam mailing list, and
can be found at the SecuriTeam web site: http://www.securiteam.com
GoodTech's FTP Server vulnerable to a DoS (RNTO)
----------------------------------------------------------------------------
SUMMARY
<http://www.goodtechsys.com/> GoodTech's FTP Server contains a security
hole that allows a remote user to launch a Denial of Service attack
against the product just by sending a simple FTP command.
DETAILS
Vulnerable systems:
FTP Server dated before 26/08/2000 (3.0.1, and 3.0)
Immune systems:
FTP Server dated 26/08/2000 and later
By issuing a RNTO command to GoodTech's FTP Server it is possible to cause
it to hang, effectively blocking the listening socket thread. If done
enough times this can be used to exhaust all available sockets of the
server, effectively causing a Denial of Service attack.
Patch:
The immune version can be downloaded from:
http://www.goodtechsys.com/predownload.asp
ADDITIONAL INFORMATION
The security hole was discovered by SecuriTeam (expert@securiteam.com).
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any
kind.
In no event shall we be liable for any damages whatsoever including direct,
indirect, incidental, consequential, loss of business profits or special
damages.
====================
--
Aviram Jenik
Beyond Security Ltd.
http://www.BeyondSecurity.com
http://www.SecuriTeam.com
