UssrLabs found a Local/Remote DoS Attack in BisonWare FTP Server V3.5. The buffer overflow is caused by a long user name, 2000 characters. Source / Binary for DoS attack here.
b9bf2c6f03b60c09ff76b043f8b7a7aac25a8e062fe0a9217a774ed8d103ddcb
Remote DoS Attack in BisonWare FTP Server V3.5 Vulnerability
PROBLEM
UssrLabs found a Local/Remote DoS Attack in BisonWare FTP Server V3.5,
the buffer overflow is caused by a long user name, 2000 characters,
There is not much to expand on.... just a simple hole
Example:
Go to: http://www.ussrback.com/biftps35/
For the source / binary of this remote / local D.O.S
Vendor Status:
Contacted.
Vendor Url: http://ourworld.compuserve.com/homepages/nick_barnes/
Program Url:
http://ourworld.compuserve.com/homepages/nick_barnes/ftpserve.htm
Credit: USSRLABS
SOLUTION
Nothing yet.
u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h
http://www.ussrback.com