QVT/Term
Plus 4.2d FTP Denial of Service Reported November 10, 1999 by USSRLABS
UssrLabs reported a problem in QPC"s QVT/Term Plus 4.2d FTP Server, where a buffer overflow condition can allow a remote user to intiate a denial of service attack against the software. DEMONSTRATION CODE When a remote user connects to the software and sends a username and password of 2000 characters, the server suffers a buffer overrun and crashes. VENDOR RESPONSE UssrLabs did not notify QPC of this problem, however the vendor has been made aware through other channels.
Discovered by USSRLABS Posted here at NTSecurity.net on November 14, 1999 |
0 comments
Hide comments