Hyperion FTP Server Long Command Buffer Overflow

Secunia Advisory: SA8568
Release Date: 2003-04-10
Last Update: 2003-04-28
Critical: Highly critical
Impact: DoS, System access
Where: From remote
Solution Status: Vendor Patch
Software: Mollensoft FTP Server 3.x

Description: A vulnerability identified in Hyperion FTP Server can potentially be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused by a boundary error. A malicious person can exploit this by establishing a connection to the FTP server and supplying a specially crafted command that is 931 bytes long.
An example was included in the original advisory:
telnet <server> 21
A * 931
Successful exploitation causes a buffer overflow, which potentially can be exploited by a non-authenticated person to execute arbitrary code on the system with the FTP server's permissions.
Solution: Install the updated Hyperion FTP Server version 3.0 released after 5th April.
Provided and/or discovered by: Moran Zavdi
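
The class of fix for a boundary error like the one described above is to check the command length before any copy and to reject an over-long line whole. The following is an added example, not code from the advisory or from the vendor; `read_command`, `CMD_MAX` (512) and the reply text are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define CMD_MAX 512 /* assumed limit; the advisory does not give the buffer size */

enum cmd_status { CMD_OK, CMD_TOO_LONG, CMD_INCOMPLETE };

/* Copy one LF- or CRLF-terminated command from in[0..in_len) into out.
 * *consumed is the number of input bytes the caller must drop, so an
 * over-long line is discarded whole, never truncated and parsed. */
enum cmd_status read_command(const char *in, size_t in_len,
                             char *out, size_t out_size, size_t *consumed)
{
    const char *nl = memchr(in, '\n', in_len);
    size_t len;

    *consumed = 0;
    if (out_size == 0)
        return CMD_TOO_LONG;
    out[0] = '\0';
    if (nl == NULL) {
        if (in_len < out_size)
            return CMD_INCOMPLETE;   /* wait for more bytes */
        *consumed = in_len;          /* no terminator: caller should close the session */
        return CMD_TOO_LONG;
    }
    len = (size_t)(nl - in);
    *consumed = len + 1;
    if (len > 0 && in[len - 1] == '\r')
        len--;
    if (len >= out_size)             /* check the length before any copy */
        return CMD_TOO_LONG;
    memcpy(out, in, len);
    out[len] = '\0';
    return CMD_OK;
}

int main(void)
{
    char line[933], out[CMD_MAX];    /* constructed input: 931 filler bytes + CRLF */
    size_t used;

    memset(line, 'A', 931);
    memcpy(line + 931, "\r\n", 2);
    if (read_command(line, sizeof line, out, sizeof out, &used) == CMD_TOO_LONG)
        puts("500 Command line too long");   /* reply text is illustrative */
    return 0;
}
```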