lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20041130022245.26354.qmail@www.securityfocus.com>
Date: 30 Nov 2004 02:22:45 -0000
From: Hongzhen Zhou <felix__zhou@...mail.com>
To: bugtraq@...urityfocus.com
Subject: CuteFTP 6.0 Professional Remote Buffer Overflow Vulnerability




Author:
Hongzhen Zhou(Fortinet, Inc) <felix__zhou _at_ hotmail _dot_ com>

DATE:
24/11/2004

PRODUCTS:
CuteFTP Professional - FTP client for Windows.

AFFECTED VERSION:
Versions verified to be vulnerable:
CuteFTP Professional 6.0 (latest verson)
Other versions are not tested.

DETAILS:
When CuteFTP Professional process replies to many commands from a 
malicious FTP server, if the reply code is big than 500(4xx works 
sometimes) and the length of text following is big than 65530, the 
Cute FTP Professional will crash. Only some command's replies are not
affected(like USER, PASS). It becomes even worse when the CuteFTP 
connects to server to wait for the welcome message reply, the malicious
server could send such a reply to crash it. 

We are not sure if this bug could be exploited to let the attacker 
execute arbitrary code remotely.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ