SECURITYVULNS:DOC:14956
Nov 07, 2006 - 12:00 a.m.

[Full-disclosure] WFTPD Pro Server 3.23 Buffer Overflow

WFTPD Pro Server 3.23 Buffer Overflow

A buffer overflow was found in the APPE command when
passing (as first) a long string
with slashes and/or backslashes. The flaw is
clearly exploitable, as overwriting EIP
is quite easy, but I'm too lazy…

Attached goes an (unfinished) POC.

Disclaimer

The information in this advisory and any of its
demonstrations is provided "as is" without any
warranty of any kind.

I am not liable for any direct or indirect damages
caused as a result of using the information or
demonstrations provided in any part of this advisory.

Contact

Joxean Koret at <<<<<<<<@>>>>>>>>yah00<<<<<<dot>>>>>es
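
A defender-side check for the condition described in the advisory, as an added example that is not part of the original post or its attached PoC: it scans FTP control-channel lines and flags APPE commands with an overlong argument, noting whether the argument is dominated by slashes and backslashes. The length threshold, the separator ratio, the function names and the sample lines are assumptions made for illustration; the advisory gives no exact length.

```python
import re

# Assumed threshold: the advisory only says "a long string"; 255 is a
# placeholder to tune against the path lengths seen in your own traffic.
MAX_ARG_LEN = 255
# Assumed share of '/' and '\' bytes that marks an argument as separator-heavy.
SEPARATOR_RATIO = 0.5

# FTP control-channel line: a 3-4 letter verb, optionally followed by an argument.
FTP_CMD = re.compile(rb"^\s*([A-Za-z]{3,4})(?: (.*))?$", re.DOTALL)

def inspect_line(raw: bytes):
    """Return a finding dict for an APPE line with an overlong argument, else None."""
    m = FTP_CMD.match(raw.rstrip(b"\r\n"))
    if not m or m.group(1).upper() != b"APPE":
        return None
    arg = m.group(2) or b""
    if len(arg) <= MAX_ARG_LEN:
        return None
    seps = arg.count(b"/") + arg.count(b"\\")
    return {
        "command": "APPE",
        "arg_len": len(arg),
        "separators": seps,
        "separator_heavy": seps / len(arg) >= SEPARATOR_RATIO,
    }

def scan(lines):
    """Inspect every line and return findings tagged with 1-based line numbers."""
    findings = []
    for n, raw in enumerate(lines, 1):
        hit = inspect_line(raw)
        if hit:
            hit["line"] = n
            findings.append(hit)
    return findings

# Constructed control-channel sample (not captured traffic).
SAMPLE = [
    b"USER alice\r\n",
    b"APPE logs/2006/november.txt\r\n",   # normal append, not flagged
    b"appe " + b"/\\" * 400 + b"\r\n",     # overlong, separator-heavy
    b"STOR " + b"/" * 900 + b"\r\n",       # other verb, outside this advisory
    b"APPE " + b"a" * 600 + b"\r\n",       # overlong, no separators
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```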

