Tiny FTPd USER Command Overflow DoS

2006-05-06T02:52:23
ID OSVDB:25767
Type osvdb
Reporter Oo(smiley75@linuxmail.org)
Modified 2006-05-06T02:52:23

Description

Vulnerability Description

A remote overflow exists in Tiny FTPd. Tiny FTPd fails to check bounds for USER command resulting in a overflow. With a specially crafted request, an attacker can cause crash of service resulting in a loss of availability.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

A remote overflow exists in Tiny FTPd. Tiny FTPd fails to check bounds for USER command resulting in a overflow. With a specially crafted request, an attacker can cause crash of service resulting in a loss of availability.

References:

Other Advisory URL: http://www.securiteam.com/exploits/5LP032KIKC.html Other Advisory URL: http://www.ph4nt0m.org/bbs/showthread.php?s=417354a9a7c85e959d174d0e0e040ac0&threadid=30080&goto=nextnewest Generic Exploit URL: http://www.milw0rm.com/exploits/1758 CVE-2006-7007