OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Cartel Informatique Security Research Labs (srlcartel-info.fr)
Date: Thu Jun 21 2001 - 09:26:09 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    A-FTP Anonymous FTP Server Remote DoS attack Vulnerability

    Cartel Advisory Code: CART-0102

    Vendor Affected:

    A-FTP Server - Eirik Helgeland
    softheadonline.no / softheadx-stream.no

    What It Is (from the author):
    A free Unix Compatible Anonymous FTP server, running hidden from the
    user.
    Can be started from a floppy without changing any ini or registry
    settings on the host
    machine.

    Public Disclosure Date:
    21-06-2001

    Systems Affected:
    a-FTP Anonymous FTP Server

    Credits:
    Nicolas Brulez - Brulezcartel-info.fr

    Problem:

    Cartel security team has found a buffer overflow in the A-FTP anonymous
    FTP server,
    which means that an attacker can execute a denial of service attack
    against it.
    Once the big buffer has been sent, the server is vulnerable.
    Only one more connection is needed to make the FTP service unavailable.

    extra Notes:

    If noone tries to login before the attacker's logout, the server will
    still work.
    Here comes a fully working exploit given as a proof of concept for
    educational purpose
    only.
    This exploit has been fully coded in Win32 assembly language.
    Cartel security team can't be held responsible for anything you do with
    this file.

    Example:

    220 Anonymous FTP Server Ready
    USER [buffer]

    [buffer] is around 2048 characters. (more or less)
    It now needs a connection in order to crash.
    Something like a : "ftp ip" will do the trick.
    result : FTP service is unavaiable.

    Date of Vendor Notification:
    20-6-2001

    Status:

    Waiting answer from the author.

    Fix:
    none yet.

    Greetings to my friends at:

    USSR, Hert,Vauban systems and qualys.

    About:

    Cartel is a company based in France, dedicated to Research about network
    security and
    application security systems.

    Security services provided are :

    - Firewalls testing
    - Network Penetration Testing
    - Application Security Testing
    - Data protecting
    - Intrusion Detection systems
    - Binary auditing
    - Secured hosting
    - Antivirus
    - PKI
    - VPN

    Copyright (c) Cartel informatique Security Research LABS.
    This Document is copyrighted.It can't be edited nor republished
    without explicit consent of CARTEL LABS.

    For more informations, feel free to contact us.

    Cartel info security research labs
    mail: srlcartel-info.fr
    http://securite.cartel-info.fr/ (french site)