Vulnerability Development mailing list archives
Re: ftp.exe buffer overflow ?
From: Lord Soth <hydrax () NETVISION NET IL>
Date: Mon, 12 Feb 2001 01:31:22 +0200
Sorry, but I get a 501 permission denied when I issue that. I've connected to ServU 2.5 for the purpose, using ftp.exe on Win98. Eli Riley Hassell wrote:
That problem was discussed a while ago with the unix/linux ftp clients. It's very interesting that Microsoft's ftp client has a similiar problem. ;) Possibly a format bug. --After reviewing it it looks like there is also a standard overflow. 'quote site exec <Ax1000>' overwrote the EIP =) ----- Original Message ----- From: "cyber_hunter" <cyber_hunter () LINUXBR COM BR> To: <VULN-DEV () SECURITYFOCUS COM> Sent: Saturday, February 10, 2001 11:44 PM Subject: ftp.exe buffer overflow ?While I was reading something about wu-ftp I found an interesting buffer overflow on ftp.exe , first logon on any ftp server ( any ), then : quote site exec %s%s%s%s%s%s ( this will work even if server doesn't support site exec ) and : "ftp caused an invalid page fault in module MSVCRT.DLL ..." I don't know if an exploit can be made , and if this would be used for something. ps: I have not tried with any ftp client .
Current thread:
- Re: ftp.exe buffer overflow ?, (continued)
- Re: ftp.exe buffer overflow ? Perry Harrington (Feb 11)
- Re: ftp.exe buffer overflow ? Michal Zalewski (Feb 11)
- Re: ftp.exe buffer overflow ? Riley Hassell (Feb 15)
- Re: ftp.exe buffer overflow ? Michal Zalewski (Feb 15)
- Re: ftp.exe buffer overflow ? Benjamin Branch (Feb 15)
- Re: ftp.exe buffer overflow ? Bob Monkier (Feb 15)
- Re: ftp.exe buffer overflow ? Ryan Permeh (Feb 16)
- Internet explorer bug or Micromedia Flash bug ? cyber_hunter (Feb 19)
- Re: ftp.exe buffer overflow ? Antti Hakulinen (Feb 15)
- Message not available
- Re: ftp.exe buffer overflow ? Lincoln Yeoh (Feb 13)
- Re: ftp.exe buffer overflow ? Lord Soth (Feb 11)
- Message not available
- Re: /usr/bin/ddate buffer overflow enthh () FLASH NET (Feb 11)
- Re: /usr/bin/ddate buffer overflow Larry W. Cashdollar (Feb 14)