[...] > AAAAAAAAAAAAAAAA > Connection to host lost. > > The iFtpSvc.exe (Server Exe) process has now exited and therefore the > WS_FTP Server will no longer respond. There is no error displayed on > screen nor is the event log written to. The smallest amount of characters > needed it 876. So sending "cwd b" where b > 875 will crash the remote > server. Evidence of an overflow of some sort. The question I'm interested in knowing the answer to is how easy is it to exploit this to obtain a remote session or system access ? Presumably starting up a "command" window is not the answer here :-) darren
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:32:25 PDT