> > Summary > > Possible buffer overflow in windows ftp client... > > Ok, and what do you gain by this? > Also see previous threads (yes they are a while ago) > "ftp.exe buffer overflow" and "FTP.exe risk:low" about > some other bugs in the ftp client (format string bugs). > look at the conclusion of the advisory: Conclusion So is prolly possible execute code in the system, and for sure crash the client (will ever be useful:P?) <- should i make it bold? i wrote the advisory because its a spreaded program not because it was dangerous:) > Anyway, if you like client side bugs you could better search for something > like server sending "evilstuff" to client which causes (for example) an overflow. > In that case you could write a remote exploit... _that_ would be a security bug ill make some test and send some string from the SERVER to the client to see if i can crash it up -if i got the time- cya supergate.
This archive was generated by hypermail 2b30 : Thu Nov 01 2001 - 12:04:27 PST