[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] XBOX EvolutionX ftp 'cd' command and telnet 'dir' buffer overflow

To: Stefan Esser <s.esser@e-matters.de>, full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] XBOX EvolutionX ftp 'cd' command and telnet 'dir' buffer overflow
From: icbm <icbm@0x557.net>
Date: Wed, 11 Feb 2004 10:25:54 +0800

Stefan Esser wrote:
| Morning
|
|
|>XBOX EvolutionX ftp 'cd' command and telnet 'dir' buffer overflow
|
|
| beside the fact that EvolutionX is illegal software, because it is
| compiled against the leaked Microsoft XBOX XDK, your indepth analysis
| lacks the most funny part:
|
| You can crash evolutionX by just connecting to the ftp server and
| supplying a long username:password combination.
|
| Ohh and unlike your crashes this one is preauth.
|
| Stefan Esser
|
|
Morning s.esser:)

Yep,EvolutionX is a illegal software...But it give us most advanced
features(right?)and analysing it is funny:P

My analysis is not deep but I haven't forgotten the preauth part.It can't crash my 3935 evox by supplying a long username:passwd( maybe it not long enough:(?) so what's your version?.

zhao wei


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] XBOX EvolutionX ftp 'cd' command and telnet 'dir' buffer overflow
  - From: icbm <icbm@0x557.net>
- Re: [Full-Disclosure] XBOX EvolutionX ftp 'cd' command and telnet 'dir' buffer overflow
  - From: Stefan Esser <s.esser@e-matters.de>

Prev by Date: Re: [Full-Disclosure] m$ posters
Next by Date: [Full-Disclosure] [RHSA-2004:051-01] Updated mutt packages fix remotely-triggerable crash
Previous by thread: Re: [Full-Disclosure] XBOX EvolutionX ftp 'cd' command and telnet 'dir' buffer overflow
Next by thread: [Fwd: Re: [Full-Disclosure] Virus infect on single user]
Index(es):
- Date
- Thread