FTP Desktop client多个基于堆的缓冲区溢出漏洞

FTP Desktop client多个基于堆的缓冲区溢出漏洞

漏洞ID 1107478 漏洞类型 缓冲区溢出
发布时间 2003-09-08 更新时间 2003-09-17
图片[1]-FTP Desktop client多个基于堆的缓冲区溢出漏洞-安全小百科CVE编号 CVE-2003-0766
图片[2]-FTP Desktop client多个基于堆的缓冲区溢出漏洞-安全小百科CNNVD-ID CNNVD-200309-020
漏洞平台 Windows CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/23118
https://www.securityfocus.com/bid/82714
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200309-020
|漏洞详情
FTPDesktopclient3.5及其可能早期的版本存在多个基于堆的缓冲区溢出漏洞。远程恶意服务器借助(1)超长FTPbanner,(2)USER命令的超长响应,或者(3)PASS命令的超长响应执行任意代码。
|漏洞EXP
source: http://www.securityfocus.com/bid/8560/info

A buffer overflow vulnerability has been reported in FTP Desktop. The vulnerability occurs when FTP Desktop is parsing 331 server responses from remote FTP servers. When FTP Desktop receives an FTP 331 response exceeding a certain length, it will trigger the overflow condition. This could allow for execution of malicious code in the context of the affected FTP client.

Username:
---------
(FTP Desktop Sends 'USER username')
PADDING EBP EIP
331 [229xA][4xB][4xX]
(Access violation when executing 0x58585858) // 4xX

Password:
---------
(FTP Desktop Sends 'PASS password')
PADDING EBP EIP
331 [229xA][4xB][4xX]
(Access violation when executing 0x58585858) // 4xX
|受影响的产品
FTP Desktop FTP Desktop 3.5
|参考资料

来源:BUGTRAQ
名称:20030908MultipleHeapOverflowsinFTPDesktop
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=106305502230604&w;=2

相关推荐: BZFlag 1.7 g0 – Reconnect Denial of Service

BZFlag 1.7 g0 – Reconnect Denial of Service 漏洞ID 1053878 漏洞类型 发布时间 2003-05-21 更新时间 2003-05-21 CVE编号 N/A CNNVD-ID N/A 漏洞平台 Linux CV…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享