Buffer Overflow by a long path name

Networking/Security Forums -> Exploits // System Weaknesses

Author: zombie2 PostPosted: Mon May 03, 2010 6:25 pm    Post subject: Buffer Overflow by a long path name
    ----
I am working on this exploit http://milworm.ru/exploits/1295
The vulnerability is exploited by creating multiple levels of sub-directories with long names on ftp server, and then issuing the "XPWD" command when at the lowest level sub-directory.
The resulting path name that is generated in response to the "XPWD" command will exceed 2048 bytes, thus overflowing the stack-buffer.
What i cannot understand is how the code is injected in the file path.
Please help!!
[/b]



Networking/Security Forums -> Exploits // System Weaknesses


output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group