SamiFTPd buffer overflow



Sami FTP server buffer overflow
Critical Security advisory #007 - 2006-01-24 16:20:08

Product: Sami FTP 2.0.1
Vuln type: Stack based buffer overflow
Risk: Moderate
Attack: Remote
Original advisory: http://www.critical.lt/?vulnerabilities/208

Sami FTP Server buffer overflow vulnerability

Product site: http://www.karjasoft.com/samiftp

The server is affected by a buffer overflow caused by insufficient sanitization of user input; the vulnerable parameter is USER.
The vulnerability is triggered when someone tries to view the server log.
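
Because the oversized USER argument is stored first and only overflows later, when the log is viewed, the input needs a check at both points. The C example below is an added illustration, not Sami FTP code and not part of the original advisory; the buffer sizes, function names and log line format are assumptions.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAX_USER_LEN 64   /* assumed policy limit, not from the advisory */
#define LOG_LINE_LEN 128  /* assumed size of the log viewer's line buffer */

#if 0 /* Unsafe pattern (hypothetical, compiled out): unbounded copy at view time */
void render_unsafe(const char *user) {
    char line[LOG_LINE_LEN];
    sprintf(line, "USER %s", user); /* writes past line[] for a long user */
}
#endif

/* Stage 1, at the FTP command parser: returns 1 if the USER argument is
   acceptable to store in the log, 0 if it must be rejected. */
int user_arg_ok(const char *arg) {
    size_t n = strlen(arg);
    if (n == 0 || n > MAX_USER_LEN) return 0;
    for (size_t i = 0; i < n; i++)
        if (!isprint((unsigned char)arg[i])) return 0; /* no CR/LF/control bytes */
    return 1;
}

/* Stage 2, at the log viewer: bounded formatting. Returns 0 on success,
   -1 if the entry did not fit (out is then truncated and NUL-terminated). */
int render_log_line(char *out, size_t outsz, const char *ip, const char *user) {
    int n = snprintf(out, outsz, "[%s] USER %s", ip, user);
    return (n < 0 || (size_t)n >= outsz) ? -1 : 0;
}

int main(void) {
    char big[4096], line[LOG_LINE_LEN];
    memset(big, 'A', sizeof big - 1);  /* constructed oversized USER argument */
    big[sizeof big - 1] = '\0';
    printf("short accepted: %d\n", user_arg_ok("anonymous"));
    printf("long accepted:  %d\n", user_arg_ok(big));
    printf("render long:    %d (len %zu)\n",
           render_log_line(line, sizeof line, "192.0.2.10", big), strlen(line));
    return 0;
}
```

The second stage matters even when the first is in place, since log entries written before the check was deployed are still rendered by the viewer.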

Proof Of Concept code execution exploit:
http://www.critical.lt/research/sami_ftp_poc.txt


