TransSoft Broker FTP服务器缓冲区溢出漏洞-安全小百科

TransSoft Broker FTP服务器缓冲区溢出漏洞

漏洞ID	1105600	漏洞类型	缓冲区溢出
发布时间	1999-11-08	更新时间	2001-01-09
CVE编号	CVE-2000-1116	CNNVD-ID	CNNVD-200101-014
漏洞平台	Windows	CVSS评分	7.5

|漏洞来源

https://www.exploit-db.com/exploits/19611
https://www.securityfocus.com/bid/88549
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200101-014

|漏洞详情

TransSoftBrokerFTP服务器4.3.0.1之前版本存在缓冲区溢出漏洞。远程攻击者可以借助超长命令导致服务拒绝并可能执行任意命令。

|漏洞EXP

source: http://www.securityfocus.com/bid/783/info

If an unusually long user name is passed to the Broker FTP server software, the program will crash. If the program is running as a service, the service will consume all available memory and crash the entire system. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/19611.zip

|受影响的产品

TransSoft Broker FTP Server 4.0

TransSoft Broker FTP Server 3.0 Build 1

TransSoft Broker FTP Server 3.0

|参考资料

来源:XF
名称:broker-ftp-username-dos
链接:http://xforce.iss.net/static/5388.php
来源:WIN2KSEC
名称:20001018TransSoft’sBrokerFTPServer3.x&4.xRemoteDoSattackVulnerability
链接:http://archives.neohapsis.com/archives/win2ksecadvice/2000-q4/0041.html

相关推荐: Inktomi Search Software 3.0 – Source Disclosure

Inktomi Search Software 3.0 – Source Disclosure 漏洞ID 1053498 漏洞类型发布时间 2000-12-05 更新时间 2000-12-05 CVE编号 N/A CNNVD-ID N/A 漏洞平台 Mult…

文章版权归作者所有，未经允许请勿转载。

THE END