Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: AnalogX Proxy DoS

From: Iván Arce <core.lists.bugtraq () CORE-SDI COM>
Date: Wed, 2 Aug 2000 22:28:27 -0300
        

Pavel Machek wrote:


Hi!


Severity:               Low

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Proof of concept

        Sending an FTP "USER" command containing approximately 370 or
        more characters to the proxy server FTP TCP port 21 will crash
        it.

        Example #1: nc 192.168.1.2 21 < ftp.txt

        Where ftp.txt contains:
        "USER [long string of ~370 chars]@isp.com"


Denial of service only? It does not look so. It looks much more like
possibility to run arbitrary code on your windows machine! Or is
there specific reason why this can't be used to run arbitrary code?
                                                                Pavel
PS: It seems to me that many "Denial of Services" for windows machines
are "run arbitrary code" instead. It would be nice if people in
advisories told why their think that "run arbitrary code" is not
possible.



In the past months i've seen this type of advisories a lot. Apparently
the security people is not taking the time to assess the extend of the
problems they find.
I'd say that almost all buffer overflows UNLESS stated otherwise,
led to the posibility to run arbitrary code on the vulnerable machine.
A not explotable buffer overflow is generally harder to find than an
exploitable one.

 -ivan



--
I'm pavel () ucw cz. "In my country we have almost anarchy and I don't care."
Panos Katsaloulis describing me w.r.t. patents at discuss () linmodems org


--
"Understanding. A cerebral secretion that enables one having it to know
 a house from a horse by the roof on the house,
 It's nature and laws have been exhaustively expounded by Locke,
 who rode a house, and Kant, who lived in a horse." - Ambrose Bierce


==================[ CORE Seguridad de la Informacion S.A. ]=========
Iván Arce
Presidente
PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836  B25D 207B E78E 2AD1 F65A
email   : iarce () core-sdi com
http://www.core-sdi.com
Pte. Juan D. Peron 315 Piso 4 UF 17
1038 Capital Federal
Buenos Aires, Argentina.              Tel/Fax : +(54-11) 4331-5402
Casilla de Correos 877 (1000) Correo Central
=====================================================================

--- For a personal reply use iarce () core-sdi com
Previous By Date Next
Previous By Thread Next

Current thread: