Bugtraq mailing list archives

new vulnerability in PowerFTP Personal FTP Server


From: securma massine <securma () caramail com>
Date: Wed, 09 Oct 2002 16:21:53 GMT+1

PowerFTP Personal FTP Server is a multithreaded FTP server
for the MS Windows OS by Cooolsoft.

The PowerFTPd is available from vendor Cooolsoft's website:
http://www.cooolsoft.com
I found a vulnerability in PowerFTP that allows a 
remote user--any user--to shut down the FTP server (tested 
on v 2.24).
I alerted Cooolsoft (05/10/2002) and have not had a 
response until now.
 1 - By opening a telnet session to the FTP server and 
sending a buffer, we can crash the server:
telnet 127.0.0.1 21
[banner..]
AAA(buffer)
the server is down
 2 - I made an exploit based on another 
vulnerability... I am still looking for a way to exploit this 
fault differently. 
You can download and test my exploit: 
http://www.securma.fr.fm/PFDOS.ZIP
When the attack is launched, the following 
message appears: 
L exeption Exeption logicielle inconnue (0x0eedfade) s'ext 
produite dans l'application a l'emplacement 0x77e7f142

Exeption EFtpCtrlsocketexeption in module FTPServer.exe at 
00059DE6. Data in buffer , cant change size

This was tested against PowerFTP Personal FTP Server v2.24

securma () caramail com




