-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ----------------------------------------------------------------------
- --------------------------------------------

Roses Labs Security Advisory
----------------------------

Author: Conde Vampiro
Roses Labs Advisory Code: RLA002
Date: 2/29/2000.
Software: BisonWare FTP Server V3.5
Platform: Windows 9x/NT.
Risk: Remote buffer overflow that allows crashing the FTP Server.
      (It may also be possible to execute arbitrary code.)

------------
Introduction
------------

Bison FTP Server is an FTP server that runs on Windows platforms. An
intruder can launch an attack that will crash the FTP server.

------
Detail
------

Sending a "LOGIN" and "PASSWORD" of 550 characters each will crash the
FTP Server. This is the error that the FTP will produce:

"Exception EAccessViolation in module BISONFTP.EXE at 0A0D4858. Access
vilation at address 0A0D5858. Read of address 0A0D5858."

----
Code
----

Warning: Neither Roses Labs nor the author accepts any responsibility
for the use of this code. This code will crash the FTP server.

---
Fix
---

This problem is fixed in V4.1, out soon.

----
Note
----

This bug was found using Cyber Host Auditor (CHA). CHA is a security
tool coded by The Roses Labs to discover in an easy way DoS & possible
buffer overflows.

Roses Labs / w00w00
http://www.roses-labs.com
Advanced Security Research.

- ----------------------------------------------------------------------
- --------------------------------------------

Ussr Labs released the advisory on 25/11/1999 reporting the BisonWare
FTP Server V3.5 problem; I don't know why, but it was never posted to
Bugtraq. (We sent the message.)

"Your message dated Wed, 24 Nov 1999 22:55:02 -0300 with subject "Remote
DoS Attack in BisonWare FTP Server V3.5 Vulnerability" has been
submitted to the moderator of the BUGTRAQ list: Elias Levy
<aleph1at_private>."

but nobody posted it to Bugtraq.

http://www.ntsecurity.net/scripts/win2ks-l.asp?A2=IND9911D&L=WIN2KSECADVICE&F=&S=&P=1327

Remote DoS Attack in BisonWare FTP Server V3.5 Vulnerability (44 lines)
From: Ussr Labs <labsat_private>
Date: Wed, 24 Nov 1999 22:52:41 -0300

http://www.ntsecurity.net/scripts/win2ks-l.asp?A2=IND9911D&L=WIN2KSECADVICE&F=&S=&P=1541

SV: Remote DoS Attack in BisonWare FTP Server V3.5 Vulnerability (69 lines)
From: Arne Vidstrom <winntat_private>
Date: Thu, 25 Nov 1999 23:50:44 +0100

u n d e r g r o u n d   s e c u r i t y   s y s t e m s   r e s e a r c h
http://www.ussrback.com

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.2 for non-commercial use <http://www.pgp.com>

iQA/AwUBOMSvbNybEYfHhkiVEQJWNACgpocEeWJy5jLKYyJiimyC4+mKZhYAoLwU
v6dek/h+bVYxBu2QwXB6TWC8
=nTbQ
-----END PGP SIGNATURE-----