Remote DoS Attack in Vermillion FTP Daemon (VFTPD) v1.23

From: Ussr Labs (labsat_private)
Date: Mon Nov 22 1999 - 05:08:39 PST

Next message: Jeff Bilicki: "[ COBALT ] Security Advisory - syslog"

Previous message: Anonymous: "(no subject)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Remote DoS Attack in Vermillion FTP Daemon (VFTPD) v1.23 Vulnerability

PROBLEM

UssrLabs found a Local/Remote DoS Attack in Vermillion FTP Daemon (VFTPD)
v1.23,
The buffer overflow is caused by a 3 times long cwd, 504 characters,

Example:
[gimmemore@itsme]$ telnet example.com 21
Trying example.com...
Connected to example.com.
Escape character is '^]'.
220 itsme FTP Server (vftpd 1.23) ready.
USER itsme
PASS ******
CWD (buffer)
CWD (buffer)
CWD (buffer)

Overflow.

For the source / binary of this remote / local D.O.S

Vendor Status:

Contacted

vendor: ARCANE SOFTWARE

Vendor   Url:  http://www.arcanesoft.com/
Program Url: http://www.arcanesoft.com/files/vftpd123.exe

Credit: USSRLABS

SOLUTION
    Nothing yet.

u n d e r g r o u n d  s e c u r i t y  s y s t e m s  r e s e a r c h
http://www.ussrback.com

Next message: Jeff Bilicki: "[ COBALT ] Security Advisory - syslog"
Previous message: Anonymous: "(no subject)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:13:34 PDT