Vulnerability Development mailing list archives

Re: FTP.exe risk:low

From: "Matteo S." <sgala () sgala com>
Date: Mon, 21 May 2001 18:47:44 +0200

On Thu, May 17, 2001 at 11:48:49AM -0300, Sardañons, Eliel wrote:


There are a lot of unchecked buffers in FTP.exe (client) try:

C:\>ftp
ftp> put
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAA

IP:0x41414141

Ups :)

This is not an important security problem but it makes you think about
microsoft developers...

microsoft developers?

$ strings FTP.EXE |grep Copy
@(#) Copyright (c) 1983 The Regents of the University of California.

mhm strange... no?;) 

Matteo

-- 
     Matteo Sgalaberni                |     Web    : http://www.sgala.com
     --                               |     E-Mail : matteo () sgala com
     [Internet&Linux Development]     |     @IRCNet: SgAlA_2k @ #linux-it
     [PHP, Perl, SQL, etc...    ]     |
-------------------------------------------------------------------------------
Le donne sono come la birra: belle a vedersi, buone a gustarsi, e appena
ne hai avuta una, ne vuoi subito un'altra.
                -- Da it.hobby.umorismo

Current thread:

FTP.exe risk:low Sardañons , Eliel (May 21)
- Re: FTP.exe risk:low Kevin J. Menard, Jr. (May 21)
- Re: FTP.exe risk:low Enrique A. Sanchez Montellano (May 21)
- Re: FTP.exe risk:low Matteo S. (May 21)
- <Possible follow-ups>
- RE: FTP.exe risk:low Sardañons , Eliel (May 21)
  - Re[2]: FTP.exe risk:low Kevin J. Menard, Jr. (May 21)
- Re: FTP.exe risk:low Chris . (May 21)