[29719] in bugtraq
Hyperion FTP server Remote DOS and unauthorised remote access.
daemon@ATHENA.MIT.EDU (moran zavdi)
Thu Apr 10 00:59:28 2003
From: "moran zavdi" <moraniam@hotmail.com>
To: bugtraq@securityfocus.com
Date: Tue, 08 Apr 2003 19:07:46 +0000
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="----=_NextPart_000_717c_326b_521c"
Message-ID: <F135U8LKxnZDITBhfCn0003ceeb@hotmail.com>
------=_NextPart_000_717c_326b_521c
Content-Type: text/plain; format=flowed
08/04/03
DataSEC Advisory http://www.data-sec.com
-------------------------------------------------------
Application: Hyperion FTP Server
Web Site: http://www.mollensoft.com
Versions: 3.0.0
Platform: Windows
Bug: Buffer Overflow.
Risk: Remote DOS and unauthorised remote access.
---------------------
1) Introduction
2) Bug
3) The Code
4) Fix
===============
1) Introduction
===============
Hyperion FTP Server is a powerful, reliable FTP server for
Windows95/98/NT/2000, and supports all basic FTP commands,
and much more, such as passive mode.
======
2) Bug
======
Buffer Overflow in the USER field.
Any remote attacker can cause DOS and in some cases get
unauthorised remote access to the server.
when sending a string in the user field with more than 931 chars.
===========
3) The Code
===========
telnet <server> 21
A * 931
connection closed.
--
server overflow will occur.
======
4) Fix
======
Mollensoft have been informed about this issue and released a new
version, however they did not gave it a new version number.
Anyone who is using version installed before 5/4/03 is advised
to download and install the new version.
---------
Moran Zavdi
Security consultant
DataSEC
http://www.data-sec.com
moranz@datasecmail.com
_________________________________________________________________
The new MSN 8: advanced junk mail protection and 2 months FREE*
http://join.msn.com/?page=features/junkmail
------=_NextPart_000_717c_326b_521c
Content-Type: text/plain; name="ds-08-04-2003.txt"; format=flowed
Content-Transfer-Encoding: 8bit
Content-Disposition: attachment; filename="ds-08-04-2003.txt"
08/04/03
DataSEC Advisory http://www.data-sec.com
-------------------------------------------------------
Application: Hyperion FTP Server
Web Site: http://www.mollensoft.com
Versions: 3.0.0
Platform: Windows
Bug: Buffer Overflow.
Risk: Remote DOS and unauthorised remote access.
---------------------
1) Introduction
2) Bug
3) The Code
4) Fix
===============
1) Introduction
===============
Hyperion FTP Server is a powerful, reliable FTP server for
Windows95/98/NT/2000, and supports all basic FTP commands,
and much more, such as passive mode.
======
2) Bug
======
Buffer Overflow in the USER field.
Any remote attacker can cause DOS and in some cases get
unauthorised remote access to the server.
when sending a string in the user field with more than 931 chars.
===========
3) The Code
===========
telnet <server> 21
A * 931
connection closed.
--
server overflow will occur.
======
4) Fix
======
Mollensoft have been informed about this issue and released a new
version, however they did not gave it a new version number.
Anyone who is using version installed before 5/4/03 is advised
to download and install the new version.
------=_NextPart_000_717c_326b_521c--
