Bugtraq mailing list archives
Re: WFTPD v2.40 FTPServer remotely exploitable buffer overflow vulnerability
From: core.lists.bugtraq () CORE-SDI COM (Alberto Soliño)
Date: Thu, 4 Nov 1999 16:59:26 -0300
Hi: This message attaches a workeable WFTPD 2.34 exploit for WIN NT 4.0 [SP3-4], Windows 95, Windows 98. In order to make it work, the attacker must have access (eg: the exploit works with anonymous access but it's easy to change, look at the source code). An interesting point is that if you don't have an account on the server and also tries to run the exploit the server stops answering requests and makes a GPF when the administrator of the server exits WFTPD. -- ==================[ CORE Seguridad de la Informacion S.A. ]========= Alberto Soliño email : asolino () core-sdi com Pte. Juan D. Peron 315 Piso 4 UF 17 www.core-sdi.com 1038 Capital Federal Buenos Aires, Argentina. Tel/Fax : +(54.11)43.31.54.02 Casilla de Correos 877 (1000) Correo Central ==================================================================== -- "Simplicity is the highest goal, achievable when you have overcome all difficulties." F. Chopin <HR> <UL> <LI>application/x-compressed attachment: wftpdexp.tgz </UL>
Current thread:
- Re: WFTPD v2.40 FTPServer remotely exploitable buffer overflow vulnerability Alun Jones (Nov 02)
- Re: WFTPD v2.40 FTPServer remotely exploitable buffer overflow vulnerability iarce (Nov 04)
- Re: WFTPD v2.40 FTPServer remotely exploitable buffer overflow vulnerability Alberto Soliño (Nov 04)
- Palm Hotsync vulnerable to DoS attack Aviram Jenik (Nov 04)
- RealNetworks RealServer G2 buffer overflow - WORKAROUND (fwd) ah1 () SECURITYFOCUS COM (Nov 04)
- Microsoft Security Bulletin (MS99-047) Aleph One (Nov 04)
- Re-release of Microsoft Security Bulletin MS99-042 Aleph One (Nov 04)