Re: Cerberus FTP Server Can Be Crashed by Remote Users
|
|
SecurityTracker Alert ID: 1001938 |
|
SecurityTracker URL: http://securitytracker.com/id/1001938
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Jul 6 2001
|
Impact:
Denial of service via network
|
|
Version(s): 1.x (1.2 and 1.5 were tested)
|
Description:
A vulnerability was reported in the Cerberus FTP Server that lets remote users crash the service.
A user notes that Cerberus FTPd contains several other buffer overflows, including PASS <long>, and PASV\n x (lots).
For details on the original vulnerability report, see the Message History.
|
Impact:
A remote user can cause the FTP server to crash.
|
Solution:
No solution was available at the time of this entry.
|
Vendor URL: www.greenepa.net/~averett/ (Links to External Site)
|
Cause:
Boundary error
|
Underlying OS:
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Wed, 4 Jul 2001 10:48:46 +0200
Subject: CesarFTPd, Cerberus FTPd
|
Hi all,
Long arguments for USER, PASS, PORT, DELE, REST, RMD, and MKD (perhaps
others as well) sent to CesarFTPd (www.aclogic.com) will cause a stack
overflow. I e-mailed the vendor almost 2 weeks ago and have recieved no
response. :-/ Cerberus FTPd (mentioned in some-one's BugTraq post earlier -
I forget who), has a couple of other overflows which weren't mentioned (PASS
<long>, PASV\n x (lots), etc) and this vendor is also irresponsive.
It seems that developers who make free software for the Win32 platform tend
to believe that because their product is free, they don't have to maintain
it at all, nor release source so that other people can. :-/
Anyway, these two daemons should be considered insecure - don't run them.
Cheers,
Andrew Lewis
--
wizdumb at leet dot org
http://www.mdma.za.net/fk
|
|
