Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Cerberus FTP Server 1.x Remote DoS attack Vulnerability

From: Cartel Informatique Security Research Labs <srl () cartel-info fr>
Date: Thu, 21 Jun 2001 16:22:12 +0200
Cerberus FTP Server 1.x Remote DoS attack Vulnerability

Cartel Advisory Code:  CART-0101


Vendor Affected:

greenepa's:
http://www.greenepa.net/~averett/

Public Disclosure Date:
21-06-2001


Systems Affected:
Cerberus FTP Server, 1.x (1.2 and 1.5 were tested only)

Credits: 
Nicolas Brulez - Brulez () cartel-info fr

Problem:

Cartel security team has found a buffer overflow in the Cerberus FTP
server,
which means that an attacker can execute a denial of service attack
against it.This attack will crash the server, without any error.
FTP service is then unavailable.

Note: 

The binary exploit is given as a proof of concept.
It is for educational purpose only.
Cartel team can't be held responsible for anything you do
with this file.
The exploit file has been fully coded in Win32 assembly language.

Example: 

220-Welcome to Cerberus FTP Server
220 Created by Grant Averett
USER [buffer]
PASS [anything]


[buffer] is aprox. 320 characters.

note:

A good combination of the buffer and pass is needed in order to
crash the server.Passing only a BIG user won't crash anything.


Date of Vendor Notification:
20-6-2001

Status:  

Waiting answer from the author.

Fix: 
none yet.


Greetings to my friends at:

USSR, Hert,Vauban systems and qualys.

About:

Cartel is a company based in France, dedicated to Research about network
security and
application security systems.


Security services provided are :

- Firewalls testing
- Network Penetration Testing
- Application Security Testing
- Data protecting
- Intrusion Detection systems
- Binary auditing
- Secured hosting
- Antivirus
- PKI
- VPN


Copyright (c) Cartel informatique Security Research LABS.
This Document is copyrighted.It can't be edited nor republished
without explicit consent of CARTEL LABS.

For more informations, feel free to contact us.

Cartel info security research labs
mail: srl () cartel-info fr
http://securite.cartel-info.fr/  (french site)

Attachment: killcerb.EXE
Description:

Previous By Date Next
Previous By Thread Next

Current thread: