|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: AnalogX Proxy DoS
From: Pavel Machek (pavel
UCW.CZ)Date: Sun Jul 30 2000 - 14:11:36 CDT
- Next message: Chiaki Ishikawa: "Re: Chasing bugs / vulnerabilties"
- Previous message: labsMDMA.ZA.NET: "Two security flaws in Bajie Webserver"
- In reply to: labsFOUNDSTONE.COM: "AnalogX Proxy DoS"
- Next in thread: Iván Arce: "Re: AnalogX Proxy DoS"
- Reply: Pavel Machek: "Re: AnalogX Proxy DoS"
- Reply: Iván Arce: "Re: AnalogX Proxy DoS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi!
> Severity: Low
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Proof of concept
>
> Sending an FTP "USER" command containing approximately 370 or
> more characters to the proxy server FTP TCP port 21 will crash
> it.
>
> Example #1: nc 192.168.1.2 21 < ftp.txt
>
> Where ftp.txt contains:
> "USER [long string of ~370 chars]isp.com"
Denial of service only? It does not look so. It looks much more like
possibility to run arbitrary code on your windows machine! Or is
there specific reason why this can't be used to run arbitrary code?
Pavel
PS: It seems to me that many "Denial of Services" for windows machines
are "run arbitrary code" instead. It would be nice if people in
advisories told why their think that "run arbitrary code" is not
possible.
-- I'm pavel
- Next message: Chiaki Ishikawa: "Re: Chasing bugs / vulnerabilties"
- Previous message: labsMDMA.ZA.NET: "Two security flaws in Bajie Webserver"
- In reply to: labsFOUNDSTONE.COM: "AnalogX Proxy DoS"
- Next in thread: Iván Arce: "Re: AnalogX Proxy DoS"
- Reply: Pavel Machek: "Re: AnalogX Proxy DoS"
- Reply: Iván Arce: "Re: AnalogX Proxy DoS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]