From the version 2.0.2 release notes....

2.0.3
Fixed buffer overrun which would allow malicious code to be executed on the server.
Fixed bug where the Resume value was not being reset to zero after use.
This caused the server to use the Resume marker on all subsequent RETR requests for 
that session.
Fixed a bug which allowed a Denial Of Service attack.
Fixed a bug which allowed an infinite number of invalid commands to be sent to the 
server by both logged-in and non-logged-in client programs written specifically for 
that purpose.  This would result in filling up the log if logging was turned on.  
There is now a limit of 10 invalid commands per session.

Jason
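The last two items in the release notes above (the Resume marker not being reset after use, and the unbounded invalid-command loop now capped at 10 per session) are both per-session state bugs. The following is an added example, not WS_FTP Server code and not from the original posts: a minimal FTP control-channel dispatcher in Python showing how the REST offset is consumed by exactly one RETR and how a per-session invalid-command counter closes the connection instead of letting a client fill the log forever. The command set, reply strings, `MAX_INVALID_COMMANDS`, and the no-check login are assumptions for illustration; the command sequences in `run_session` are constructed input.

```python
"""Toy FTP command loop illustrating two per-session state fixes.

Constructed example: not WS_FTP Server code. Only a handful of commands
are modelled, and PASS accepts anything so the flow can be exercised offline.
"""
from dataclasses import dataclass

# Assumed limit, matching the figure quoted in the 2.0.3 notes.
MAX_INVALID_COMMANDS = 10


@dataclass
class Session:
    logged_in: bool = False
    resume_offset: int = 0   # set by REST, must be consumed by the next RETR
    invalid_count: int = 0   # invalid commands seen on this control connection
    closed: bool = False


def reject(session: Session, reply: str) -> str:
    """Count an invalid command; drop the session once the cap is reached.

    Without the cap a client could send junk indefinitely and every line
    would be logged, which is the log-filling DoS the notes describe.
    """
    session.invalid_count += 1
    if session.invalid_count >= MAX_INVALID_COMMANDS:
        session.closed = True
        return "421 Too many invalid commands, closing control connection"
    return reply


def handle_command(session: Session, line: str) -> str:
    """Dispatch one control-channel line and return the reply."""
    if session.closed:
        return "421 Connection closed"

    parts = line.strip().split(None, 1)
    verb = parts[0].upper() if parts else ""
    arg = parts[1] if len(parts) > 1 else ""

    if verb == "USER":
        return "331 Password required"
    if verb == "PASS":
        session.logged_in = True   # assumption: no real credential check here
        return "230 Logged in"
    if verb == "QUIT":
        session.closed = True
        return "221 Goodbye"
    if verb == "NOOP":
        return "200 OK"
    if verb in ("REST", "RETR") and not session.logged_in:
        return "530 Not logged in"
    if verb == "REST":
        if not arg.isdigit():
            return reject(session, "501 Syntax error in REST argument")
        session.resume_offset = int(arg)
        return f"350 Restarting at {session.resume_offset}"
    if verb == "RETR":
        if not arg:
            return reject(session, "501 Missing filename")
        offset = session.resume_offset
        # The fix: the resume marker applies to this transfer only. Leaving it
        # set would make every later RETR in the session start mid-file.
        session.resume_offset = 0
        return f"150 Opening data connection for {arg} from offset {offset}"

    # Unknown verbs count whether or not the client is logged in, since the
    # notes say both kinds of client could drive the loop.
    return reject(session, f"500 Unknown command {verb!r}")


def run_session(lines):
    """Feed a list of command lines through one session; return (session, replies)."""
    session = Session()
    replies = [handle_command(session, line) for line in lines]
    return session, replies


if __name__ == "__main__":
    # Constructed transcript: second RETR must start at offset 0 again.
    _, replies = run_session(["USER a", "PASS b", "REST 100",
                              "RETR one.bin", "RETR two.bin"])
    print("\n".join(replies))
    # Constructed transcript: 12 junk commands, connection dropped at the 10th.
    s, replies = run_session(["USER a"] + ["BOGUS"] * 12)
    print("\n".join(replies), "\ninvalid_count =", s.invalid_count)
```

The counter lives on the session object rather than in a global so that one abusive client cannot trip the limit for others, and the closed check comes first so a client that keeps sending after the 421 neither reaches the handlers nor advances the counter.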

----- Original Message ----- 
From: "Marc Weigert" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, August 08, 2001 7:42 PM
Subject: [WS_FTP Forum] WSFTP vulnerable??


Hello list,

we use WSFTP SERVER version 2.02 and we realized some abuse today. There
might be a HOLE within WSFTP SERVER with the problem of an authorized
visitor creating a NEW USER ACCOUNT with ROOT ACCESS and HOST/ADMINISTRATOR
RIGHTS. He was able to upload or download any files!

How can an EXPLOIT occur?
* buffer overload?
* cmd.exe
* etc.?
... and how can a repeat offense be prevented in the future?

We have upgraded our software from 2.02 to 2.03 today and removed the
vulnerable FTP account.

Any help would be more than appreciated.

Cheers,

Marc


Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from 
this list.