Full Disclosure mailing list archives
Re: PlatinumFTP 1.0.18 remote DoS
From: ports <ml () portsonline net>
Date: Sat, 12 Mar 2005 21:09:25 +0100
Gary H. Jones II wrote:
That software uses an FTP server ActiveX control made by Mabry Software. Any ftp server that uses this activex control is vulnerable. The ActiveX control is the cause of these bugs, not the PlatinumFTP software itself, when I took a look at the software, I noticed it was written in VB5, finding a format string in a program written in VB would be a *very* rare find, so I figured there would be a 3rd party control within the app that was written in C++. I ran it through a debugger, passed a few %s's and watched it crash. The title of the error message is "Mabry Socket Window: PlatinumFTPserverEngine.exe - Application Error", this is what lead to the discovery of the real issue. I downloaded the latest sample/demo of this ActiveX, and it is still vulnerable when you run VBSampleOCX.exe. Available here http://www.mabry.com/ftpserv/index.htm.
Thanks for this useful informations! :) At least it was nice to make the 'PlatinumFTP 1.0.18 remote DoS' posting, although it's getting more and more useless ;)
ports _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://www.secunia.com/
Current thread:
- PlatinumFTP 1.0.18 remote DoS ports (Mar 12)
- Re: PlatinumFTP 1.0.18 remote DoS Gary H. Jones II (Mar 12)
- Re: PlatinumFTP 1.0.18 remote DoS ports (Mar 12)
- Re: PlatinumFTP 1.0.18 remote DoS Gary H. Jones II (Mar 12)
- Re: PlatinumFTP 1.0.18 remote DoS ports (Mar 12)
- Re: PlatinumFTP 1.0.18 remote DoS ports (Mar 12)
- Re: PlatinumFTP 1.0.18 remote DoS Gary H. Jones II (Mar 12)