Re: FTP.exe risk:low

From: Matteo S. (sgalaat_private)
Date: Mon May 21 2001 - 09:47:44 PDT

Next message: David Hulton: "ToorCon 2k++ Call for Speakers"

Previous message: Bruno Mosconi: "Re: IE 5.x (5.50.4522.1800 SP1) Crash at gopher://:"
In reply to: Sardañons, Eliel: "FTP.exe risk:low"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, May 17, 2001 at 11:48:49AM -0300, Sardañons, Eliel wrote:
> 
> There are a lot of unchecked buffers in FTP.exe (client) try:
> 
> C:\>ftp
> ftp> put
> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
> AAAAAA
> 
> IP:0x41414141
> 
> Ups :)
> 
> This is not an important security problem but it makes you think about
> microsoft developers...
microsoft developers?

$ strings FTP.EXE |grep Copy
@(#) Copyright (c) 1983 The Regents of the University of California.

mhm strange... no?;) 

Matteo

-- 
     Matteo Sgalaberni                |     Web    : http://www.sgala.com
     --                               |     E-Mail : matteoat_private
     [Internet&Linux Development]     |     @IRCNet: SgAlA_2k @ #linux-it
     [PHP, Perl, SQL, etc...    ]     |
-------------------------------------------------------------------------------
Le donne sono come la birra: belle a vedersi, buone a gustarsi, e appena
ne hai avuta una, ne vuoi subito un'altra.
		-- Da it.hobby.umorismo

Next message: David Hulton: "ToorCon 2k++ Call for Speakers"
Previous message: Bruno Mosconi: "Re: IE 5.x (5.50.4522.1800 SP1) Crash at gopher://:"
In reply to: Sardañons, Eliel: "FTP.exe risk:low"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon May 21 2001 - 21:30:33 PDT