lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20041220002136.9833.qmail@www.securityfocus.com>
Date: 20 Dec 2004 00:21:36 -0000
From: Luca Ercoli <luca.ercoli@...ind.it>
To: bugtraq@...urityfocus.com
Subject: Crystal FTP Pro Client Buffer Overflow




Package: Crystal FTP Pro
Auth: http://www.casdk.com/
Version: 2.8 (current release) and below
Vulnerability Type: Arbitrary Command Execution


Crystal FTP Pro Description (from the Developer):

Crystal FTP Pro is a Top awarded FTP client for dummies and experts.
The state of the art user-interface used in Crystal FTP Pro makes it
possible for first time FTP users to be productive and transfer files
over the Internet within minutes, and yet it satisfies FTP veterans
with its highly configurable layout and easy access to advanced
FTP tools. With the flexible Crystal FTP Pro, you can accomplish all
FTP jobs with success. No matter if its publishing a web page,
downloading demos, software, MP3 files and images or transferring
high volume files over an unstable connection. Crystal FTP Pro does
it all.


Vulnerability Description:

Crystal FTP Pro client, does not perform bound checking
on the results returned by 'LIST' command.
A malicious ftp server, could execute arbitrary code on
the target user's client, replies to a 'LIST' command
request with a file list that contain a long file extension.

Example:

le.AAAAAAAAAAAA...(over 250 characters)

The code will be executed with the privileges
of the user running the ftp client.









Credits:

-- 
Luca Ercoli <luca.ercoli [at] inwind.it>


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ