WS_FTP Home 2007 NetscapeFTPHandler is prone to a denial of service vulnerability. The vulnerability stems from a null pointer dereference.
95b396c81ec360054f76350a25531bd27bd0e9195a51da631ef4cb944ac685c5Synopsis: WS_FTP Home 2007 NetscapeFTPHandler denial of service
Product: WS_FTP Home 2007
Author: Michal Bucko (sapheal)
Issue:
======
WS_FTP Home 2007 NetscapeFTPHandler is prone to a denial of service
vulnerability. The vulnerability stems from null pointer dereference.
ESI 00000000
75DC3E09 MOVZX EAX,WORD PTR [ESI]
The vulnerability can be triggered by the execution of a function
with improper arguments:
int Initialize ( char *str1, char *str2)
By the way, WS_FTP server cannot deal with WS_FTP's secure loader - I found
a few other probable problems regarding WS_FTP but, still, couldn't verify
those. Exception occurs and information appears on the screen. The problem
lies, for the second time, in null pointer dereference. I am probalby going
to give more information at hack.pl as soon I fully understand the issue
with
WS_FTP.
rgds,
michal
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed