Bugtraq mailing list archives
Local / Remote D.o.S Attack in War FTP Daemon 1.70 Vulnerability
From: labs () USSRBACK COM (Ussr Labs)
Date: Tue, 14 Dec 1999 03:57:08 -0300
Local / Remote D.o.S Attack in War FTP Daemon 1.70 Vulnerability PROBLEM UssrLabs found a Local/Remote DoS Attack in War FTP Daemon 1.70 the buffer overflow is caused by a Multiples connections at the same time (over 60) in the ftp server , and some characters in the login name. There is not much to expand on.... just a simple hole For the source / binary of this remote / local D.O.S Go to: http://www.ussrback.com/ Vendor Status: Contacted. Vendor Url: http://www.jgaa.com Program Url: http://www.jgaa.com/warftpd.htm Credit: USSRLABS SOLUTION Nothing yet. u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h http://www.ussrback.com
Current thread:
- Big problem on 2.0.x? Eduardo Cruz (Dec 09)
- Re: Big problem on 2.0.x? Hugo.van.der.Kooij () CAIW NL (Dec 10)
- Re: Big problem on 2.0.x? Mike Ireton (Dec 10)
- <Possible follow-ups>
- Re: Big problem on 2.0.x? Stephen White (Dec 11)
- Privacy hole in Go Express Search Alfred Huger (Dec 13)
- Re: Big problem on 2.0.x? Jason Mills (Dec 13)
- [patch] Re: Big problem on 2.0.x? Andrea Arcangeli (Dec 14)
- Local / Remote D.o.S Attack in War FTP Daemon 1.70 Vulnerability Ussr Labs (Dec 13)
- Re: Local / Remote D.o.S Attack in War FTP Daemon 1.70 Vulnerability Malartre (Dec 14)
- Re: Local / Remote D.o.S Attack in War FTP Daemon 1.70 Vulnerability Ussr Labs (Dec 14)
- Re: Local / Remote D.o.S Attack in War FTP Daemon 1.70 Vulnerability Federico - Comnet S.A. (Dec 15)
- Re: Local / Remote D.o.S Attack in War FTP Daemon 1.70Vulnerability ussr secure (Dec 16)
- Re: Local / Remote D.o.S Attack in War FTP Daemon 1.70 Vulnerability Tim (Dec 15)
- Re: Local / Remote D.o.S Attack in War FTP Daemon 1.70 Vulnerability Ussr Labs (Dec 15)
- CERT Advisory CA-99-16 Buffer Overflow in Sun Solstice AdminSuite Daemon sadmind Elias Levy (Dec 14)
- Statement: Local / Remote D.o.S Attack in War FTP Daemon 1.70 Jarle Aase (Dec 16)
- Re: sshd1 allows unencrypted sessions regardless of server policy Michael H. Warfield (Dec 14)