Full Disclosure mailing list archives
Re: XBOX EvolutionX ftp 'cd' command and telnet 'dir' buffer overflow
From: icbm <icbm () 0x557 net>
Date: Wed, 11 Feb 2004 10:25:54 +0800
Stefan Esser wrote: | Morning | | |>XBOX EvolutionX ftp 'cd' command and telnet 'dir' buffer overflow | | | beside the fact that EvolutionX is illegal software, because it is | compiled against the leaked Microsoft XBOX XDK, your indepth analysis | lacks the most funny part: | | You can crash evolutionX by just connecting to the ftp server and | supplying a long username:password combination. | | Ohh and unlike your crashes this one is preauth. | | Stefan Esser | | Morning s.esser:) Yep,EvolutionX is a illegal software...But it give us most advanced features(right?)and analysing it is funny:P My analysis is not deep but I haven't forgotten the preauth part.Itcan't crash my 3935 evox by supplying a long username:passwd( maybe it not long enough:(?) so what's your version?.
zhao wei _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- XBOX EvolutionX ftp 'cd' command and telnet 'dir' buffer overflow icbm (Feb 09)
- Re: XBOX EvolutionX ftp 'cd' command and telnet 'dir' buffer overflow Stefan Esser (Feb 10)
- Re: XBOX EvolutionX ftp 'cd' command and telnet 'dir' buffer overflow icbm (Feb 11)
- Re: XBOX EvolutionX ftp 'cd' command and telnet 'dir' buffer overflow Stefan Esser (Feb 10)