OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
[Dailydave] ProFTPD commandbuffersize

From: Evgeny Legerov (admingleg.net)
Date: Wed Nov 22 2006 - 09:45:16 CST


Hi,

I've been suprised to hear that my 2 years old ProFTPD stack overflow exploit is
just another stupid configuration bug:
http://www.frsirt.com/english/advisories/2006/4451 ;-)

Well, I never discovered CommandBufferSize thing and vd_proftpd module exploits
completely different bug.

If you have a Immunity CANVAS license, you can see it for yourself - vd_proftpd
available as a part of VulnDisco Sample Pack since Monday.

--
Best regards,
Evgeny Legerov
GLEG Ltd, CEO
http://www.gleg.net

_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave