Bugtraq mailing list archives
[vulnwatch] Titan FTP Server Long Command Heap Overflow Vulnerability
From: "lion" <lion () cnhonker net>
Date: Mon, 30 Aug 2004 02:38:00 +0800
[vulnwatch] Titan FTP Server Long Command Heap Overflow Vulnerability www.cnhonker.com Security Advisory Advisory Name: Titan FTP Server Long Command Heap Overflow Vulnerability Release Date: 08/30/2004 Affected version: Titan FTP Server <= 3.21 Author: lion <lion () cnhonker net> Overview: A vulnerability has been found in Titan FTP Server. The problem \ is when a user logged in, send a command with 20480 size to target \ will make a heap overflow. for example: "CWD xxxxxxxxxxx..." "LIST xxxxxxxxxxx..." "STAT xxxxxxxxxxx..." .... Exploit: PoC exploit attached. About HUC: HUC is still alive.
Attachment:
titanftp.c
Description:
Current thread:
- [vulnwatch] Titan FTP Server Long Command Heap Overflow Vulnerability lion (Aug 31)