TYPSoft FTP Server Long USER/CWD Overflow DoS

2000-09-12T00:00:00
ID OSVDB:6800
Type osvdb
Reporter dethy(dethy@synnergy.net)
Modified 2000-09-12T00:00:00

Description

Vulnerability Description

A remote overflow exists in TYPSoft FTP Server. The program fails to validate long commands resulting in a buffer overflow. With a specially crafted request, an attacker can cause denial of service resulting in a loss of availability.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

A remote overflow exists in TYPSoft FTP Server. The program fails to validate long commands resulting in a buffer overflow. With a specially crafted request, an attacker can cause denial of service resulting in a loss of availability.

References:

Packet Storm: http://packetstormsecurity.org/0009-exploits/typsoft-ftpd.txt Other Advisory URL: http://www.synnergy.net/downloads/advisories/SLA-2000-07-typsoft-ftpd.txt Nessus Plugin ID:10084 Mail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=96879389027478&w=2 Keyword: SLA-2000-7 CVE-2000-1035 Bugtraq ID: 1690