Orenosv HTTP/FTP Server FTP Commands Remote Buffer Overflow Vulnerability
BID:13546
Info
Orenosv HTTP/FTP Server FTP Commands Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 13546 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2005-1666 |
| Remote: | Yes |
| Local: | No |
| Published: | May 08 2005 12:00AM |
| Updated: | Apr 16 2007 04:21PM |
| Credit: | Discovery is credited to Tan Chew Keong. |
| Vulnerable: |
Orenosv Orenosv HTTP/FTP Server 0.8.1 |
| Not Vulnerable: |
Orenosv Orenosv HTTP/FTP Server 0.8.1 a |
Discussion
Orenosv HTTP/FTP Server FTP Commands Remote Buffer Overflow Vulnerability
The FTP server shipped with Orenosv HTTP/FTP is prone to a remote buffer-overflow vulnerability.
This issue presents itself when the application handles excessive values supplied as filenames through various FTP commands.
A successful attack may corrupt memory, cause a denial of service, or execute arbitrary code.
Orenosv HTTP/FTP Server 0.8.1 is reportedly vulnerable; other versions may be affected as well.
The FTP server shipped with Orenosv HTTP/FTP is prone to a remote buffer-overflow vulnerability.
This issue presents itself when the application handles excessive values supplied as filenames through various FTP commands.
A successful attack may corrupt memory, cause a denial of service, or execute arbitrary code.
Orenosv HTTP/FTP Server 0.8.1 is reportedly vulnerable; other versions may be affected as well.
Exploit / POC
Orenosv HTTP/FTP Server FTP Commands Remote Buffer Overflow Vulnerability
Proof-of-concept examples are available:
MKD AAAAAAAA.... // 250 bytes filename
RMD AAAAAAAA.... // 250 bytes filename
DELE AAAAAAAA... // 249 bytes filename
The following proof-of-concept exploit is available:
Proof-of-concept examples are available:
MKD AAAAAAAA.... // 250 bytes filename
RMD AAAAAAAA.... // 250 bytes filename
DELE AAAAAAAA... // 249 bytes filename
The following proof-of-concept exploit is available:
Solution / Fix
Orenosv HTTP/FTP Server FTP Commands Remote Buffer Overflow Vulnerability
Solution:
The vendor has released Orenosv HTTP/FTP Server version 0.8.1a to address this issue.
Orenosv Orenosv HTTP/FTP Server 0.8.1
Solution:
The vendor has released Orenosv HTTP/FTP Server version 0.8.1a to address this issue.
Orenosv Orenosv HTTP/FTP Server 0.8.1
-
Orenosv orenosv081a-patch.zip
http://www.orenosv.com/pub/orenosv081a-patch.zip -
Orenosv orenosv081ai6-patch.zip
IPv6 patch.
http://www.orenosv.com/pub/orenosv081ai6-patch.zip
References
Orenosv HTTP/FTP Server FTP Commands Remote Buffer Overflow Vulnerability
References:
References:
- Orenosv HTTP/FTP Server Buffer Overflow Vulnerabilities (Tan Chew Keong)
- Orenosv HTTP/FTP Server Homepage (Orenosv)