Vulnerability Development mailing list archives
Possible Buffer Overflow in CesarFTP
From: "Matthew Murphy" <mattmurphy () kc rr com>
Date: Fri, 30 Aug 2002 20:34:25 -0500
I suspect a buffer overflow vulnerability in CesarFTP (v0.99e tested) that exists in "server.exe". When receiving a command that contains a parameter of about 1200 characters, it drops all of its sessions and server.exe terminates. However, the controller restarts the killed process. I looked in the event log -- it makes no mention of the lengthy command. Any ideas? "The reason the mainstream is thought of as a stream is because it is so shallow." - Author Unknown
Current thread:
- Possible Buffer Overflow in CesarFTP Matthew Murphy (Aug 31)