MatuFtpServer Long PASS Command Remote Overflow

2002-05-21T23:13:00
ID OSVDB:9838
Type osvdb
Reporter Kanatoko(anvil@jumperz.net)
Modified 2002-05-21T23:13:00

Description

Vulnerability Description

A remote overflow exists in MatuFtpServer. The application fails to perform proper bounds checking resulting in a buffer overflow. By sending an overly long argument to the PASS command, a remote attacker can cause the server to crash resulting in a loss of availability.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

A remote overflow exists in MatuFtpServer. The application fails to perform proper bounds checking resulting in a buffer overflow. By sending an overly long argument to the PASS command, a remote attacker can cause the server to crash resulting in a loss of availability.

References:

Vendor URL: http://www.matusoft.com/matuftpserver/ Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2002-05/0194.html ISS X-Force ID: 9138 CVE-2002-0895 Bugtraq ID: 4792