SunFTP Buffer Overflow Vulnerability
BID:1638
Info
SunFTP Buffer Overflow Vulnerability
| Bugtraq ID: | 1638 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 01 2000 12:00AM |
| Updated: | Sep 01 2000 12:00AM |
| Credit: | First published in a SecuriTeam advisory released on September 1, 2000. |
| Vulnerable: |
Rasmus J.P. Allenheim SunFTP 1.0 Build 9 |
| Not Vulnerable: | |
Discussion
SunFTP Buffer Overflow Vulnerability
SunFTP is a small freeware ftp server created by XS4ALL Data. It is possible to launch a DoS attack against the server by sending more than 2100 characters to the server, which will cause it to crash. This is the result of a buffer overrun condition, where excessive user input overwrites critical data in the application's memory. It may be possible for a hacker to execute arbitrary code on the target as well, but this is uncomfirmed.
SunFTP is a small freeware ftp server created by XS4ALL Data. It is possible to launch a DoS attack against the server by sending more than 2100 characters to the server, which will cause it to crash. This is the result of a buffer overrun condition, where excessive user input overwrites critical data in the application's memory. It may be possible for a hacker to execute arbitrary code on the target as well, but this is uncomfirmed.