Bugtraq mailing list archives

Re: WS FTP Server Advisory

From: avalon () COOMBS ANU EDU AU (Darren Reed)
Date: Thu, 4 Feb 1999 00:29:07 +1100


[...]

AAAAAAAAAAAAAAAA
Connection to host lost.

The iFtpSvc.exe (Server Exe) process has now exited and therefore the
WS_FTP Server will no longer respond. There is no error displayed on
screen nor is the event log written to. The smallest amount of characters
needed it 876. So sending "cwd b" where b > 875 will crash the remote
server.


Evidence of an overflow of some sort.  The question I'm interested
in knowing the answer to is how easy is it to exploit this to obtain
a remote session or system access ?  Presumably starting up a
"command" window is not the answer here :-)

darren

Current thread:

WS FTP Server Advisory Marc (Feb 02)
- Re: WS FTP Server Advisory Darren Reed (Feb 03)
- distributed security stas lanford (Feb 03)