Bugtraq mailing list archives

NT/95 FTP client overflows


From: arager () MCGRAW-HILL COM (arager () MCGRAW-HILL COM)
Date: Thu, 5 Feb 1998 15:07:08 -0500


     Hello All,

     My apologies if this is old news.

     While testing the WAR ftp bugs, I ran across some trivial but
     interesting overflows in the NT 3.51/4.0 and Win95 FTP clients.

     Seems that there are at least 3 separate overflow problems in the
     ftp client.

     -- 1st is with the username input.  Give a username of more than 285
     chars, and ftp.exe will bomb with an access violation. This only seems
     to affect Win NT 3.51/4.0, mainly because Win95 will only allow a
     254-char username.
     -- 2nd is with the password input.  Not sure how many chars cause the
     condition, but hold down a key for a few minutes and press return.
     Should cause ftp to bomb. Seems to only happen with Win95, and looks
     like an overflow.
     -- 3rd is with the ftp command parser.  Type in any unrecognized
     command that is longer than 207 chars.  ftp.exe will bomb and produce
     an access violation again. This affects both the NT and Win95 ftp
     clients.

     These bugs are not really much of a concern, but it does show that
     MS's code is chock full of overflows.  What else has these sorts of
     problems?  Makes you wonder...


     Anton Rager
     arager () McGraw-Hill com
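The three crashes above are all the same bug class: a line or field copied into a fixed-size buffer with no length check. The C below is an added illustration, not code from the post and not from ftp.exe, showing that pattern next to a bounded version of the same username and command-token handling, plus a length probe that turns the "hold a key down until it bombs" test into a repeatable check. The limits USER_MAX and CMD_MAX, the verb list, and the buffer sizes are assumptions chosen to mirror the 285- and 207-character thresholds reported above; nothing here was taken from the real client.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define USER_MAX 285   /* assumed limit, mirrors the 285-char username threshold in the post */
#define CMD_MAX  207   /* assumed limit, mirrors the 207-char command threshold in the post */

enum parse_status { PARSE_OK = 0, PARSE_TOO_LONG = -1, PARSE_UNKNOWN = -2 };

/* Scratch output buffer shared by the bounded parsers below. */
char scratch[4096];

/* The unsafe pattern: a fixed-size stack buffer filled by strcpy with no
 * length check. Input longer than USER_MAX overruns 'user' and clobbers
 * whatever sits beside it on the stack, which is what an access violation
 * on return looks like from the outside. Shown for the shape of the bug
 * only; it is never called with oversized input here. */
void unsafe_set_user(const char *input)
{
    char user[USER_MAX + 1];
    strcpy(user, input);
    printf("USER %s\r\n", user);
}

/* Bounded replacement: measure first, refuse oversize input, then copy. */
int safe_set_user(const char *input, char *out, size_t outsz)
{
    size_t n = strlen(input);
    if (n > USER_MAX || n + 1 > outsz)
        return PARSE_TOO_LONG;
    memcpy(out, input, n + 1);
    return PARSE_OK;
}

/* Bounded command parser: copies only the first token, refuses tokens
 * longer than CMD_MAX, and tells "unknown verb" apart from "too long" so
 * an unrecognised command never reaches an unchecked copy. Verb list is
 * an assumption for the example. */
int safe_parse_command(const char *line, char *verb, size_t verbsz)
{
    static const char *known[] = { "open", "user", "pass", "get", "put", "quit", "bye" };
    size_t n = strcspn(line, " \t\r\n");
    size_t i;
    if (n > CMD_MAX || n + 1 > verbsz)
        return PARSE_TOO_LONG;
    memcpy(verb, line, n);
    verb[n] = '\0';
    for (i = 0; i < sizeof known / sizeof known[0]; i++)
        if (strcmp(verb, known[i]) == 0)
            return PARSE_OK;
    return PARSE_UNKNOWN;
}

typedef int (*parse_fn)(const char *, char *, size_t);

/* Feed a parser a run of 'A's of the given length and return its status:
 * the "hold a key down" test from the post, made repeatable. */
int status_for_len(parse_fn fn, size_t len)
{
    char *s = malloc(len + 1);
    int rc;
    if (!s)
        return PARSE_TOO_LONG;
    memset(s, 'A', len);
    s[len] = '\0';
    rc = fn(s, scratch, sizeof scratch);
    free(s);
    return rc;
}

/* Walk lengths 1..max_len and return the longest one the parser accepts
 * (PARSE_OK or PARSE_UNKNOWN). Against a bounded parser this lands on its
 * limit. An unbounded copy never refuses anything; it just crashes at some
 * length, which is why the probe is pointed at the fixed code. */
long probe_limit(parse_fn fn, size_t max_len)
{
    long accepted = 0;
    size_t len;
    for (len = 1; len <= max_len; len++) {
        if (status_for_len(fn, len) == PARSE_TOO_LONG)
            break;
        accepted = (long)len;
    }
    return accepted;
}

int main(void)
{
    printf("safe_set_user accepts up to %ld chars\n", probe_limit(safe_set_user, 1000));
    printf("safe_parse_command accepts verbs up to %ld chars\n", probe_limit(safe_parse_command, 1000));
    printf("\"get foo\" -> %d, \"frobnicate\" -> %d\n",
           safe_parse_command("get foo\r\n", scratch, sizeof scratch),
           safe_parse_command("frobnicate\r\n", scratch, sizeof scratch));
    return 0;
}
```

The same probe, run against a real client over a pty or script file with increasing lengths, is how you pin down the exact threshold instead of "hold a key down for a few minutes"; the point of the bounded versions is that a too-long input returns an error code rather than reaching the copy at all.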


