OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: DST2K0027: DoS in Faststream FTP++ 2.0
From: Security Team (SecurityTeamDELPHISPLC.COM)
Date: Tue Sep 12 2000 - 10:00:22 CDT


============================================================================
                            Delphis Consulting Plc
============================================================================

                           Security Team Advisories
                               [12/09/2000]

                            securityteamdelphisplc.com
                  [http://www.delphisplc.com/thinking/whitepapers/]

============================================================================
Adv : DST2K0027
Title : DoS in Faststream FTP++ 2.0
Author : DCIST (securityteamdelphisplc.com)
O/S : Microsoft Windows Nt 2000 Workstation (SP1)
Product : Faststream FTP++
Date : 12/09/2000

I. Description

II. Solution

III. Disclaimer

============================================================================

I. Description
============================================================================

Vendor URL: http://www.fastream.com/

Delphis Consulting Internet Security Team (DCIST) discovered the following
vulnerability in Faststream FTP++ Simple FTP Server under Windows NT.

Severity: medium

It is possible to cause Faststream FTP++ to consume all available CPU
indefinitely. This is done by connecting to port 21 upon which the FTP
listens
on and send 4.08k of DATA as a username. This will force the Simple FTP
server
to consume all CPU time available.

Note: It was also able to crash the FTP++ service with a buffer overrun
also,
this was however random and not producible to a reliable degree.

II. Solution
============================================================================

Vendor Status: Informed

Please find below the response we recieved from Fastream, we would like to
take this opertunity to thank Fastream for the speed of there response
(5hrs).

------
Dear Sir/Madam,

Thanks for letting us know about the problem with our program Fastream
FTP++.
We have immediately investigated the issue and released a fixed executable
availabe at: http://www.fastream.com/FTPpp2.exe (1.34MB)

Regards,

Gorkem Ates
------

III. Disclaimer
============================================================================
THE INFORMATION CONTAINED IN THIS ADVISORY IS BELIEVED TO BE ACCURATE AT
THE TIME OF PRINTING, BUT NO REPRESENTATION OR WARRANTY IS GIVEN, EXPRESS OR
IMPLIED, AS TO ITS ACCURACY OR COMPLETENESS. NEITHER THE AUTHOR NOR THE
PUBLISHER ACCEPTS ANY LIABILITY WHATSOEVER FOR ANY DIRECT, INDIRECT OR
CONSEQUENTIAL LOSS OR DAMAGE ARISING IN ANY WAY FROM ANY USE OF, OR RELIANCE
PLACED ON, THIS INFORMATION FOR ANY PURPOSE.
============================================================================
This e-mail and any files transmitted with it are intended solely for the
addressee and are confidential. They may also be legally
privileged.Copyright in them is reserved by Delphis Consulting PLC
["Delphis"] and they must not be disclosed to, or used by, anyone other than
the addressee.If you have received this e-mail and any accompanying files in
error, you may not copy, publish or use them in any way and you should
delete them from your system and notify us immediately.E-mails are not
secure. Delphis does not accept responsibility for changes to e-mails that
occur after they have been sent. Any opinions expressed in this e-mail may
be personal to the author and may not necessarily reflect the opinions of
Delphis

_____________________________________________________________________
** TO UNSUBSCRIBE, send the command "UNSUBSCRIBE win2ksecadvice"
** FOR A WEEKLY DIGEST, send the command "SET win2ksecadvice DIGEST"
SEND ALL COMMANDS TO: listservlistserv.ntsecurity.net