Bounce vulnerability in SpoonFTP 1.1.0.1

From: Arne Vidstrom (arne.vidstromat_private)
Date: Sat Jan 19 2002 - 18:05:32 PST

Next message: Strumpf Noir Society: "[resend] Avirt Gateway Telnet Vulnerability (and more?)"

Previous message: Andrew Griffiths: "remote memory reading through tcp/icmp"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The vulnerability:

The FTP server is vulnerable to the FTP bounce attack, even against ports
lower than 1024.

Vendor Response:

Pi-Soft have created a new version that among other things fix this
vulnerability. Their response was very nice and quick.


/Arne Vidstrom, http://ntsecurity.nu

Next message: Strumpf Noir Society: "[resend] Avirt Gateway Telnet Vulnerability (and more?)"
Previous message: Andrew Griffiths: "remote memory reading through tcp/icmp"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun Jan 20 2002 - 14:09:55 PST