Vulnerability Development mailing list archives
FTP.EXE format string vulnerability
From: ByteRage <byterage () yahoo com>
Date: Sun, 10 Jun 2001 02:07:50 -0700 (PDT)
It probably doesn't matter much, but besides the buffer overflow problem announced by Eliel C. SardaƱons, FTP.EXE also contains format string vulnerabilities : example : QUOTE GET %x the %x will be changed into a hex number, as you might see in the FTP Server logs Not a big deal but its annoying if you want to check *servers* for format string vulnerabilities... :( __________________________________________________ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/
Current thread:
- FTP.EXE format string vulnerability ByteRage (Jun 10)
- <Possible follow-ups>
- Re:FTP.EXE format string vulnerability ByteRage (Jun 10)
- Re: FTP.EXE format string vulnerability Jarno Huuskonen (Jun 14)