PowerFTP Personal FTP Server is a multithreaded FTP server for the MS Windows OS by Cooolsoft. The PowerFTPd is available from vendor Cooolsoft's website: http://www.cooolsoft.com I found a vulnerability has PowerFTP that allows a remote user--any user--to shut down the ftp server (tested on v 2.24) I alerted coolsoft (05/10/2002) and as I did not have a response until A now 1 - by opening a session telnet towards server ftp and sending a buffer we can crash th server telnet 127.0.0.1 21 [banner..] AAA(buffer) the server is down 2- I realised an exploit being based on another vulnerability... I still seek possibility to exploit this fault differently. you can download and test my exploit http://www.securma.fr.fm/PFDOS.ZIP when the attack is launched there is the following message: L exeption Exeption logicielle inconnue (0x0eedfade) s'ext produite dans l'application a l'emplacement 0x77e7f142 Exeption EFtpCtrlsocketexeption in module FTPServer.exe at 00059DE6. Data in buffer , cant change size This was tested against PowerFTP Personal FTP Server v2.24 securmaat_private _________________________________________________________ Envoyez des messages musicaux sur le portable de vos amis http://mobile.lycos.fr/mobile/local/sms_musicaux/
This archive was generated by hypermail 2b30 : Wed Oct 09 2002 - 10:23:00 PDT