Giters

iricartb / buffer-overflow-warftp-1.65

Ivan Ricart Borges - WarFTP is prone to a stack-based buffer-overflow vulnerability because it fails to properly check boundaries on user-supplied data before copying it to an insufficiently sized buffer.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

buffer-overflowcftp-serverwarftp

Buffer Overflow War FTP Daemon - CVE-2007-1567

Type: Unavailable / Other
Severity: High
Publication date: 03/21/2007
Last modified: 03/07/2011

Description

Stack-based buffer overflow in War FTP Daemon 1.65, and possibly earlier, allows remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors, as demonstrated by warftp_165.tar by Immunity.

NOTE: this might be the same issue as CVE-1999-0256, CVE-2000-0131, or CVE-2006-2171, but due to Immunity's lack of details, this cannot be certain.

Impact

Access Vector: Through network
Access Complexity: Low
Authentication: Not required to exploit
Impact Type: Total commitment on system integrity + Total commitment on system confidentiality + Total commitment on system availability

Vulnerable software

  • War FTP Daemon v1.65

Exploit

War FTP Username Stack-Based Buffer-Overflow Vulnerability Multiple Targets: C language

About

Ivan Ricart Borges - WarFTP is prone to a stack-based buffer-overflow vulnerability because it fails to properly check boundaries on user-supplied data before copying it to an insufficiently sized buffer.

buffer-overflowcftp-serverwarftp

Languages

Language:C 100.0%