| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4551432F.4070800@pacbell.net> Date: Tue, 07 Nov 2006 18:38:39 -0800 From: "Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]" <sbradcpa@...bell.net> To: Joxean Koret <joxeankoret@...oo.es> Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: Re: WFTPD Pro Server 3.23 Buffer Overflow And did you email the vendor first? mailto:bugs@...is.com It's listed on his page you know... and have you given them a chance to fix it or are you "too lazy" to give a vendor a chance to fix things first before you full-disclosure them? There are some vendors that yeah.. it's hard to argue that they've not been given enough time to fix things...but may I ask you.... did you email the vendor first? At least try to contact them? In full disclosure, I know him and I've never ever seen him not be responsive and jump on a bug report...next time dude.... email is quite effective in contacting vendors... especially ones that are responsive, if a spam filter swallowed it up ... that's something that we're all having to unfortunately deal with these days... and I'll apologize if you did try to contact him. But as I said, historically speaking he's always been very responsive. (as someone said to me the spammers are hiring better coders these days...) Joxean Koret wrote: > WFTPD Pro Server 3.23 Buffer Overflow > ------------------------------------- > > A buffer overflow was found in the APPE command when > passing (as first) a long string > with slashes and/or backslashes. The exploit is > clearly exploitable as overwritting EIP > is quite easy but I'm too lazy... > > Attached goes an (unfinished) POC. > > Disclaimer > ---------- > > The information in this advisory and any of its > demonstrations is provided "as is" without any > warranty of any kind. > > I am not liable for any direct or indirect damages > caused as a result of using the information or > demonstrations provided in any part of this advisory. > --------------------------------------------------------------------------- > > Contact > ------- > Joxean Koret at <<<<<<<<@>>>>>>>>yah00<<<<<<dot>>>>>es > > > > ______________________________________________ > LLama Gratis a cualquier PC del Mundo. > Llamadas a fijos y móviles desde 1 céntimo por minuto. > http://es.voice.yahoo.com -- Letting your vendors set your risk analysis these days? http://www.threatcode.com If you are a SBSer and you don't subscribe to the SBS Blog... man ... I will hunt you down... http://blogs.technet.com/sbs _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists