Re: QPC FTPd Directory Traversal and BoF Vulnerabilities

From: Xander Teunissen (thejianat_private)
Date: Wed Apr 18 2001 - 10:53:06 PDT

Next message: Thomas Biege: "SuSE Security Announcement: sudo (SuSE-SA:2001:13)"

Previous message: Russ Allbery: "Re: Innfeed Buffer Overflow"
In reply to: Crono: "Re: QPC FTPd Directory Traversal and BoF Vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hehe lol.

C> Hi.

Hi :)

C> ¿are you sure that exist a buffer overflow on logon secuence?. I don´t know
C> if you tested it from a winnt box or from a win2000 box, but if you tested
C> under winnt, using the "ftp client" of winnt, you are maybe in a mistake

Yeah we're rather sure :P Thanks for the concern though.

Application exception occurred:

        App:  (pid=1942)

        Exception number: c0000005 (access violation)


*----> Task List <----*

1942 Ftpd.exe

Besides, the ftp.exe coming with Win2k needs to be fed a rather large
chunk of data, 1995+ bytes I believe? This particular ftpD needs only
655, as mentioned.

Thejian

--
Best regards,
 Thejian                            mailto:thejianat_private

"Carpe Jugulum: Go for the throat!"

Next message: Thomas Biege: "SuSE Security Announcement: sudo (SuSE-SA:2001:13)"
Previous message: Russ Allbery: "Re: Innfeed Buffer Overflow"
In reply to: Crono: "Re: QPC FTPd Directory Traversal and BoF Vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Apr 19 2001 - 21:05:47 PDT