RobotFTP Server Username Buffer Overflow Vulnerability
BID:9672
Info
RobotFTP Server Username Buffer Overflow Vulnerability
| Bugtraq ID: | 9672 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2004-0286 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 16 2004 12:00AM |
| Updated: | Jul 12 2009 03:06AM |
| Credit: | Discovery of this vulnerability has been credited to gsicht gsicht <[email protected]>. |
| Vulnerable: |
RobotFTP RobotFTP Server 2.0 Beta 1 RobotFTP RobotFTP Server 1.0 |
| Not Vulnerable: | |
Discussion
RobotFTP Server Username Buffer Overflow Vulnerability
A vulnerability has been reported for RobotFTP Server. The problem likely occurs due to insufficient bounds checking when processing 'USER' command arguments of excessive length.
A vulnerability has been reported for RobotFTP Server. The problem likely occurs due to insufficient bounds checking when processing 'USER' command arguments of excessive length.
Exploit / POC
RobotFTP Server Username Buffer Overflow Vulnerability
The following proof of concept denial of service exploit has been supplied:
The following proof of concept denial of service exploit has been supplied:
Solution / Fix
RobotFTP Server Username Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
RobotFTP Server Username Buffer Overflow Vulnerability
References:
References:
- RobotFTP Server Homepage (RobotFTP Server)
- buffer overflow in Robot FTP Server (gsicht gsicht