Project6011 scanner format string vulnerability.
project6011 remote format string vulnerability
number: #14
author: Dark Eagle
date: 24.02.05
vendor: http://lbyte.ru
status: NO-PATCHES
overview:
Project6011 version 1.1.5, The Search Machine of Network Protocols. It scans hosts to identify network protocols.
details:
A serious vulnerability was found in the FTP protocol scanning code. When project6011 scans the FTP protocol and reads the banner from
the FTP daemon, it does not check the input buffer for format specifiers. Exploiting this bug is very simple.
NOTE:
I tested this bug in SMTP, FTP, TELNET and it's w0rking very well :)
solution:
Don't call snprintf(), sprintf() or fprintf() without an explicit format string.
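The fix described above, as an added example (not code from Project6011 or from the advisory): the banner read from the scanned server is passed only as an argument to a constant format string. `format_banner` and `count_format_specifiers` are hypothetical names, and the sample banner is constructed.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Vulnerable pattern named in the advisory (comment only, never compiled):
 *     snprintf(line, sizeof line, banner);    banner used as the format */

/* Hypothetical helper: write an untrusted banner into a report line, passing
 * it only as an argument. Returns bytes stored (excluding NUL), -1 on error. */
int format_banner(char *out, size_t outlen, const char *proto, const char *banner)
{
    if (out == NULL || outlen == 0 || proto == NULL || banner == NULL)
        return -1;
    int n = snprintf(out, outlen, "[%s] banner: %s", proto, banner);
    if (n < 0)
        return -1;
    if ((size_t)n >= outlen)            /* output was truncated */
        n = (int)(outlen - 1);
    /* Replace control bytes so a hostile banner cannot forge report lines. */
    for (int i = 0; i < n; i++)
        if (!isprint((unsigned char)out[i]))
            out[i] = '.';
    return n;
}

/* Hypothetical detection helper: count conversion specifications ("%%" is literal). */
int count_format_specifiers(const char *s)
{
    int count = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%')
            s++;                        /* skip the escaped percent */
        else if (s[1] != '\0')
            count++;
    }
    return count;
}

int main(void)
{
    /* Constructed sample banner, not taken from the advisory. */
    const char *banner = "220 ftpd %x.%x.%n ready\r\n";
    char line[128];
    if (format_banner(line, sizeof line, "FTP", banner) >= 0)
        printf("%s (specifiers: %d)\n", line, count_format_specifiers(banner));
    return 0;
}
```

A non-zero specifier count in a service banner is worth flagging in scan results, since legitimate banners rarely contain conversion specifications.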
exploit:
A PoC exploit is available from our site (http://unl0ck.void.ru). It creates a fake server, and when a k1ddie scans
this fake server, he will be in big sh1t!
greetz:
all unl0ckerz, gh0stz, nosystemz.
(c) uKt Research
2004-2005
http://unl0ck.void.ru