Skip to content
/ buffer-overflow-warftp-1.65 Public

Ivan Ricart Borges - WarFTP is prone to a stack-based buffer-overflow vulnerability because it fails to properly check boundaries on user-supplied data before copying it to an insufficiently sized buffer.

2 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

iricartb/buffer-overflow-warftp-1.65

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
README.md
README.md
 
 
warftphack.c
warftphack.c
 
 

Repository files navigation

Buffer Overflow War FTP Daemon - CVE-2007-1567

Type: Unavailable / Other
Severity: High
Publication date: 03/21/2007
Last modified: 03/07/2011

Description

Stack-based buffer overflow in War FTP Daemon 1.65, and possibly earlier, allows remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors, as demonstrated by warftp_165.tar by Immunity.

NOTE: this might be the same issue as CVE-1999-0256, CVE-2000-0131, or CVE-2006-2171, but due to Immunity's lack of details, this cannot be certain.

Impact

Access Vector: Through network
Access Complexity: Low
Authentication: Not required to exploit
Impact Type: Total commitment on system integrity + Total commitment on system confidentiality + Total commitment on system availability

Vulnerable software

  • War FTP Daemon v1.65

Exploit

War FTP Username Stack-Based Buffer-Overflow Vulnerability Multiple Targets: C language

About

Ivan Ricart Borges - WarFTP is prone to a stack-based buffer-overflow vulnerability because it fails to properly check boundaries on user-supplied data before copying it to an insufficiently sized buffer.

Topics

c ftp-server buffer-overflow warftp

Resources

Readme
Activity

Stars

2 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages