BisonWare FTP Server Subject to DoS - 22 Jun 1999

 
BisonWare FTP Server V3.5
Subject to DoS
Reported November 25, 1999 by
USSRLABS
VERSIONS AFFECTED
  • BisonWare FTP Server V3.5

DESCRIPTION

USSRLabs discovered a denial of service condition in BisonWare FTP Server V3.5. The problems are the result of buffer overflow conditions within the program code.

DEMONSTRATION

The problem affects the login sequence. By sending a very long URL user name of 2000 characters the service can be made to crash.

VENDOR RESPONSE

UssrLabs notified BisonWare about this problem, however no response is unknown at this time.

CREDITS
Discovered by USSRLABS
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish