[HUC] Serv-U FTPD 3.x/4.x "SITE CHMOD" Command remote exploit V1.0
From: lion (lion_at_cnhonker.net)
Date: 01/26/04
- Previous message: Mandrake Linux Security Team: "MDKSA-2004:006 - Updated gaim packages fix multiple vulnerabilities"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 27 Jan 2004 06:42:21 +0800 To: "bugtraq" <bugtraq@securityfocus.com>
/*
*-----------------------------------------------------------------------
*
* Servu.c - Serv-U FTPD 3.x/4.x "SITE CHMOD" Command
* Remote stack buffer overflow exploit
*
* Copyright (C) 2004 HUC All Rights Reserved.
*
* Author : lion
* : lion@cnhonker.net
* : http://www.cnhonker.com
* Date : 2004-01-25
* : 2004-01-25 v1.0 Can attack Serv-U v3.0.0.20~v4.1.0.11
* Tested : Windows 2000 Server EN/GB
* : + Serv-U v3.0.0.20~v4.1.0.11
* Notice : *** Bug find by kkqq kkqq@0x557.org ***
* : *** You need a valid account and a writable directory. ***
* Complie : cl Servu.c
* Usage : Servu <-i ip> <-t type> [-u user] [-p pass] [-d dir] [-f ftpport] [-c cbhost] [-s shellport]
*------------------------------------------------------------------------
*/
lion
lion@cnhonker.net
2004-01-27
- application/octet-stream attachment: servu.c
- Previous message: Mandrake Linux Security Team: "MDKSA-2004:006 - Updated gaim packages fix multiple vulnerabilities"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
