[29572] in bugtraq
Personal FTP Server
daemon@ATHENA.MIT.EDU (subj)
Mon Mar 31 19:29:09 2003
Date: 31 Mar 2003 10:37:17 -0000
Message-ID: <20030331103717.8235.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: subj <r2subj3ct@dwclan.org>
To: bugtraq@securityfocus.com
---------------------------------------
Product : Personal FTP Server
Version : ?
OSystem : Windows
Authors : CoolSoft
WebSite : http://www.cooolsoft.com
Problem :
* Buffer Overflow in field USER
---------------------------------------
Description:
------------
eng:
====
Overflow of the buffer occurs in field USER if contain with field USER to
transfer more than 320 bytes of dust.
The ambassador realization of the above described operation, the server
simply will fall, and will not respond as on client,
And any other searches. To close server it is possible to awake only end
of process
Exploit:
--------
*************************************
>>Telnet 127.0.0.1:21
220 Personal FTP Server ready
>>USER AAAAAAA...AAAAA [320b]
*************************************
Contacts:
---------
r2subj3ct@dwclan.org
subj.24h.to (www.dwcgr0up.com/subj/)
www.dwcgr0up.com
irc.dwcgr0up.biz #dwc
Thanks:
-------
DHG, GipsHack, Netp0is0n, de1irium, r00tc0de, f0kp, exploit.ru,
security.nno.ru
DethSpirit, r4ShRaY, D4rkGr3y, 3APA3A, Moby, Orb, Foster, Owned, prior,
Demon.
