bftpd Buffer Overflow Vulnerability
BID:1858
Info
bftpd Buffer Overflow Vulnerability
| Bugtraq ID: | 1858 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 27 2000 12:00AM |
| Updated: | Oct 27 2000 12:00AM |
| Credit: | This vulnerability was first publicly announced by Christophe BAILLEUX ([email protected]) in a post to Bugtraq on October 27, 2000. |
| Vulnerable: |
Max-Wilhelm Bruker bftpd 1.0.11 |
| Not Vulnerable: | |
Discussion
bftpd Buffer Overflow Vulnerability
bftpd is a free implementation of an ftp daemon designed to run on multiple architectures and versions of UNIX. A buffer overflow exists in the daemon that could create potential problems.
bftpd contains a buffer overflow in the USER command, in which an input of greater than 35 characters will result in a segmentation fault. It is reported that bftpd program design prevents an elevation of priviledges by means of character filtering. However, it is possible for a malicious user to crash their own session by means of invalid input.
bftpd is a free implementation of an ftp daemon designed to run on multiple architectures and versions of UNIX. A buffer overflow exists in the daemon that could create potential problems.
bftpd contains a buffer overflow in the USER command, in which an input of greater than 35 characters will result in a segmentation fault. It is reported that bftpd program design prevents an elevation of priviledges by means of character filtering. However, it is possible for a malicious user to crash their own session by means of invalid input.
Exploit / POC
bftpd Buffer Overflow Vulnerability
See discussion.
See discussion.
Solution / Fix
bftpd Buffer Overflow Vulnerability
Max-Wilhelm Bruker bftpd 1.0.11
Max-Wilhelm Bruker bftpd 1.0.11
-
Max-Wilhelm Bruker bftpd
http://c.codercity.de/bruksoft/bftpd/src/bftpd-1.0.12.tar.gz
References
bftpd Buffer Overflow Vulnerability
References:
References: