Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability

From: Ussr Labs (labsat_private)
Date: Tue Nov 16 1999 - 22:22:09 PST

Next message: Ultor: "Re: ssh 1.2.27 limits patch"

Previous message: gregory duchemin: "NEUROCOM: Nashuatec D445/435 vulnerabilities updated"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability

PROBLEM

UssrLabs found a Local/Remote DoS Attack in G6 FTP Server v2.0 (beta 4/5),
the buffer overflow is caused by a long user name,  2000 characters.
the G6FTP start to do infinites loops in the main program,and start eating
all memory and all computer resource CPU 100%, at the moment of no more
memory, if this happend ALL System is down :(

Example:
[gimmemore@itsme]$ telnet example.com 21
Trying example.com...
Connected to example.com.
Escape character is '^]'.
220-G6 FTP Server v2.0 (beta 5) ready ...
USER {buffer)

Binary/Source for this D.O.S:

http://www.ussrback.com/g6ftp/


Where buffer is 2000 characters.

Vendor Status:
Not Contacted

Vendor   Url:  http://www.gene6.com/
Program Url: http://www.gene6.com/g6ftpd/download.html

Credit: USSRLABS

SOLUTION
    Nothing yet.

u n d e r g r o u n d  s e c u r i t y  s y s t e m s  r e s e a r c h
http://WWW.USSRBACK.COM

Next message: Ultor: "Re: ssh 1.2.27 limits patch"
Previous message: gregory duchemin: "NEUROCOM: Nashuatec D445/435 vulnerabilities updated"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:13:00 PDT