lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CA+PFrLkkpQc1ExjCXAiivWhQLk3LP2djFbZgUnvrbVHU53Mu2A@mail.gmail.com>
Date: Tue, 9 Oct 2012 16:58:06 +0200
From: Anil Pazvant <pazwant@...il.com>
To: bugtraq@...urityfocus.com
Subject: WingFTP Server Denial of Service Vulnerability

----------------------------------------------------------------------------------

|  WingFTP Server Denial of Service Vulnerability  |

-----------------------------------------------------------------------------------

Summary

=======

WingFTP server  is prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue to cause the service to crash,
denying service to legitimate users



CVE number: CVE-2012-4729

Impact: High

Vendor homepage: http://www.wftpserver.com/serverhistory.htm#gotop

Vendor notified: 30/08/2012

Vendor response: Vendor fixed the vulnerability and released the fix.

.

Affected Products

======== ========
Windows Platforms.


Details
=======

It is possible the crash the process by sending two sequential request
to zip file option by authenticated users.

The output of debugger:



(6e4.c4c): C++ EH exception - code e06d7363 (first chance) ( After
first request )


eax=026a6b80 ebx=00000001 ecx=00000004 edx=00000000 esi=00000001 edi=00000000
eip=7c90e514 esp=014ce1cc ebp=014ce1dc iopl=0         nv up ei ng nz na pe nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000286
ntdll!KiFastSystemCallRet:
7c90e514 c3              ret

Impact

======

Process crashed and the all services down.


Solution
========

Issue was fixed on Version 4.1.1

http://www.wftpserver.com/serverhistory.htm#gotop

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ