[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SamiFTPd buffer overflow

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: SamiFTPd buffer overflow
From: admin@xxxxxxxxxxx
Date: 24 Jan 2006 19:58:19 -0000

Sami FTP server buffer overflow
Critical Security advisory #007 - 2006-01-24 16:20:08

Product: Sami FTP 2.0.1 
Vuln type: Stack based buffer overflow 
Risk:  Moderate
Attack: Remote 
Original advisory: http://www.critical.lt/?vulnerabilities/208

Sami FTP Server buffer overflow vulnerability 

Product site: http://www.karjasoft.com/samiftp 

Server is affected by a buffer overflow due to insufficient sanitization of 
user input, vulnerable parameter - USER. Vulnerability 
is triggered when someone tries to view server log. 

Proof Of Concept code execution exploit: 
http://www.critical.lt/research/sami_ftp_poc.txt

Prev by Date: BlackWorm: 2 million infected? ISP notifications.
Next by Date: Cisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack
Previous by thread: BlackWorm: 2 million infected? ISP notifications.
Next by thread: Cisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack
Index(es):
- Date
- Thread