Bugtraq mailing list archives
Re: AnalogX Proxy DoS
From: Iván Arce <core.lists.bugtraq () CORE-SDI COM>
Date: Wed, 2 Aug 2000 22:28:27 -0300
Pavel Machek wrote:
Hi!Severity: Low~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Proof of concept Sending an FTP "USER" command containing approximately 370 or more characters to the proxy server FTP TCP port 21 will crash it. Example #1: nc 192.168.1.2 21 < ftp.txt Where ftp.txt contains: "USER [long string of ~370 chars]@isp.com"Denial of service only? It does not look so. It looks much more like possibility to run arbitrary code on your windows machine! Or is there specific reason why this can't be used to run arbitrary code? Pavel PS: It seems to me that many "Denial of Services" for windows machines are "run arbitrary code" instead. It would be nice if people in advisories told why their think that "run arbitrary code" is not possible.
In the past months i've seen this type of advisories a lot. Apparently the security people is not taking the time to assess the extend of the problems they find. I'd say that almost all buffer overflows UNLESS stated otherwise, led to the posibility to run arbitrary code on the vulnerable machine. A not explotable buffer overflow is generally harder to find than an exploitable one. -ivan
-- I'm pavel () ucw cz. "In my country we have almost anarchy and I don't care." Panos Katsaloulis describing me w.r.t. patents at discuss () linmodems org
-- "Understanding. A cerebral secretion that enables one having it to know a house from a horse by the roof on the house, It's nature and laws have been exhaustively expounded by Locke, who rode a house, and Kant, who lived in a horse." - Ambrose Bierce ==================[ CORE Seguridad de la Informacion S.A. ]========= Iván Arce Presidente PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836 B25D 207B E78E 2AD1 F65A email : iarce () core-sdi com http://www.core-sdi.com Pte. Juan D. Peron 315 Piso 4 UF 17 1038 Capital Federal Buenos Aires, Argentina. Tel/Fax : +(54-11) 4331-5402 Casilla de Correos 877 (1000) Correo Central ===================================================================== --- For a personal reply use iarce () core-sdi com
Current thread:
- Re: AnalogX Proxy DoS Iván Arce (Aug 02)