|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: johncybpk
gmx.netDate: Tue Nov 06 2001 - 04:07:46 CST
hi,
in addition to defcoms posting about the buffer overflow in WS_FTP 2.03,
i can confirm this for the WS_FTP 1.05 Version ( maybe minor version too...
)
IPSWITCH releases always patches for both Versions 1.x und 2.x, coz it seems
the
versions are maintained separately.
As IPSWITCH hasn't released a fix for the 1.05 Version yet, i thought it
should be mentioned here.
I had to enter 463 bytes after the STAT command, to stop the service
running.
Because the overflow is dependant on the size of the name of the server this
will differ
on other systems. A good playground to test the bo is between 460 and 500
bytes.
with some handy work, i got the defcom exploitcode running, but luckily not
so easy that
every script kid can exploit it remotely.
cheers
johnny
-- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]