Cerberus FTP Server 1.x Remote DoS attack Vulnerability

2001-06-22T00:00:00
ID SECURITYVULNS:DOC:1750
Type securityvulns
Reporter Securityvulns
Modified 2001-06-22T00:00:00

Description

Cerberus FTP Server 1.x Remote DoS attack Vulnerability

Cartel Advisory Code: CART-0101

Vendor Affected:

greenepa's: http://www.greenepa.net/~averett/

Public Disclosure Date: 21-06-2001

Systems Affected: Cerberus FTP Server, 1.x (1.2 and 1.5 were tested only)

Credits: Nicolas Brulez - Brulez@cartel-info.fr

Problem:

Cartel security team has found a buffer overflow in the Cerberus FTP server, which means that an attacker can execute a denial of service attack against it.This attack will crash the server, without any error. FTP service is then unavailable.

Note:

The binary exploit is given as a proof of concept. It is for educational purpose only. Cartel team can't be held responsible for anything you do with this file. The exploit file has been fully coded in Win32 assembly language.

Example:

220-Welcome to Cerberus FTP Server 220 Created by Grant Averett USER [buffer] PASS [anything]

[buffer] is aprox. 320 characters.

note:

A good combination of the buffer and pass is needed in order to crash the server.Passing only a BIG user won't crash anything.

Date of Vendor Notification: 20-6-2001

Status:

Waiting answer from the author.

Fix: none yet.

Greetings to my friends at:

USSR, Hert,Vauban systems and qualys.

About:

Cartel is a company based in France, dedicated to Research about network security and application security systems.

Security services provided are :

  • Firewalls testing
  • Network Penetration Testing
  • Application Security Testing
  • Data protecting
  • Intrusion Detection systems
  • Binary auditing
  • Secured hosting
  • Antivirus
  • PKI
  • VPN

Copyright (c) Cartel informatique Security Research LABS. This Document is copyrighted.It can't be edited nor republished without explicit consent of CARTEL LABS.

For more informations, feel free to contact us.

Cartel info security research labs mail: srl@cartel-info.fr http://securite.cartel-info.fr/ (french site)