|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
possible remote buffer overflow in atftpd
From: Rick (rikul
interbee.com)
Date: Wed Jun 04 2003 - 16:11:50 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello,
There is possible remote buffer overflow in atftpd. It has to do with length
of filename which client sends to atftpd server. If you send filename over
~253 bytes, it crashes with segfault. When I attach to process with gdb I
can see it trying to run instruction from EIP 0x41414141. That cant be a
good thing. I've tested this on debian woody. I've creating proof of concept
exploit for it but having few troubles :)
later,
Rick Patel
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]