(BisonWare FTP Server V3.5 Roses Labs Security Advisory) is a old

From: Ussr Labs (labsat_private)
Date: Mon Mar 06 2000 - 23:27:40 PST

Next message: Michael Meskes: "Re: Corel Linux 1.0 dosemu default configuration: Local root vuln"

Previous message: Lamagra Argamal: "Re: dump buffer overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ----------------------------------------------------------------------
- --------------------------------------------
		Roses Labs Security Advisory
                ----------------------------

  Author: Conde Vampiro
  Roses Labs Advisory Code: RLA002
  Date: 2/29/2000.
  Software: BisonWare FTP Server V3.5
  Platform: Windows 9x/NT.
  Risk: Remote buffer overflow, that allow
  to crash the FTP Server. (Maybe also be
  possible to execute arbitrary code.)

  ------------
  Introduction
  ------------

	Bison FTP Server is a FTP server that
  runs on windows platforms. An intruder can launch
  an attack that will crash the FTP server.

  ------
  Detail
  ------

	Sending a "LOGIN" & "PASSWORD" of 550 characters
  each, will crash the FTP Server. This is the error that
  the FTP will produce:

  "Exception EAccessViolation in module BISONFTP.EXE at
   0A0D4858. Access vilation at address 0A0D5858. Read of
   address 0A0D5858."

  ----
  Code
  ----

	Warning: Neither the Roses Labs or the author accept
  any responsibility of the use of this code. This code will
  crash the FTP server.

  ---	
  Fix
  ---

	This problem is fixed in V4.1 out soon.

  ----
  Note	
  ----

	This bug was found using Cyber Host
  Auditor (CHA). CHA is a security tool coded by
  The Roses Labs to discover in a easy way DoS &
  possible buffer overflows.

  Roses Labs / w00w00
  http://www.roses-labs.com
  Advanced Security Research.


- ----------------------------------------------------------------------
- --------------------------------------------

Ussr labs Release the Advisory the day 25/11/1999 reporting the
BisonWare FTP Server V3.5 problem, i dont know why
but is never posted in bugtraq. (we send the message).

"Your message dated Wed, 24 Nov  1999 22:55:02 -0300 with subject
"Remote DoS
Attack in BisonWare FTP Server V3.5 Vulnerability" has been submitted
to the
moderator of the BUGTRAQ list: Elias Levy
<aleph1at_private>."

but nobody post it in bugtraq.



http://www.ntsecurity.net/scripts/win2ks-l.asp?A2=IND9911D&L=WIN2KSECA
DVICE&F=&S=&P=1327
Remote DoS Attack in BisonWare FTP Server V3.5 Vulnerability
Remote DoS Attack in BisonWare FTP Server V3.5 Vulnerability (44
lines)
From: Ussr Labs <labsat_private>
Date: Wed, 24 Nov 1999 22:52:41 -0300



http://www.ntsecurity.net/scripts/win2ks-l.asp?A2=IND9911D&L=WIN2KSECA
DVICE&F=&S=&P=1541
SV: Remote DoS Attack in BisonWare FTP Server V3.5 Vulnerability
SV: Remote DoS Attack in BisonWare FTP Server V3.5 Vulnerability (69
lines)
From: Arne Vidstrom <winntat_private>
Date: Thu, 25 Nov 1999 23:50:44 +0100



u n d e r g r o u n d  s e c u r i t y  s y s t e m s  r e s e a r c
h
http://www.ussrback.com


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.2 for non-commercial use <http://www.pgp.com>

iQA/AwUBOMSvbNybEYfHhkiVEQJWNACgpocEeWJy5jLKYyJiimyC4+mKZhYAoLwU
v6dek/h+bVYxBu2QwXB6TWC8
=nTbQ
-----END PGP SIGNATURE-----

Next message: Michael Meskes: "Re: Corel Linux 1.0 dosemu default configuration: Local root vuln"
Previous message: Lamagra Argamal: "Re: dump buffer overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:39:10 PDT