Project6011 scanner format string vulnerability.
b3936c5a03707605e82827d50ef1dff01db2098eb96609a0325343bb4100decdproject6011 remote format string vulnerability
number: #14
author: Dark Eagle
date: 24.02.05
vendor: http://lbyte.ru
status: NO-PATCHES
overview:
Project6011 version 1.1.5 The Search Machine of Network Protocols. It's scans hosts to identify network protocols.
details:
serious vulnerability was founded in scanning FTP protocol. when project6011 scanning ftp protocol and reading banner from
ftp daemon, it's not checking input buffer on formats. exploit this bug is very simple.
NOTE:
i tested this bug in SMTP, FTP, TELNET and it's w0rking very well :)
solution:
don't use snprintf() or sprintf() or fprintf() without formats.
exploit:
PoC exploit is avaible from our site (http://unl0ck.void.ru ). It's creates fake server and when k1ddie will scan
this fake server, he will be in a
big sh1t!
greetz:
all unl0ckerz, gh0stz, nosystemz.
(c) uKt Research
2004-2005
http://unl0ck.void.ru
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed