Re: WS FTP Server Advisory

From: Darren Reed (avalonat_private)
Date: Wed Feb 03 1999 - 05:29:07 PST

Next message: Jeff Roberson: "Re: More oshare testing."

Previous message: Jan B. Koum: "Re: No Security is Bad Security:"
Maybe in reply to: Marc: "WS FTP Server Advisory"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[...]
> AAAAAAAAAAAAAAAA
> Connection to host lost.
>
> The iFtpSvc.exe (Server Exe) process has now exited and therefore the
> WS_FTP Server will no longer respond. There is no error displayed on
> screen nor is the event log written to. The smallest amount of characters
> needed it 876. So sending "cwd b" where b > 875 will crash the remote
> server.

Evidence of an overflow of some sort.  The question I'm interested
in knowing the answer to is how easy is it to exploit this to obtain
a remote session or system access ?  Presumably starting up a
"command" window is not the answer here :-)

darren

Next message: Jeff Roberson: "Re: More oshare testing."
Previous message: Jan B. Koum: "Re: No Security is Bad Security:"
Maybe in reply to: Marc: "WS FTP Server Advisory"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:32:25 PDT