Date: Mon, 3 May 1999 06:16:38 +0200
From: Arne Vidstrom
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: Buffer overflows in FTP Serv-U 2.5

Hi,

It looks like there are some buffer overflows in FTP Serv-U 2.5 (the most
recent version) and I guess they are present in the versions before too,
but I haven't checked that. If you send:

cwd xxxxxxx...
ls xxxxxx...

and so on (it works for all commands I tried which take arguments), the
server will crash if the number of characters is 155 or more. If the
number is exactly 155 it crashes without any message, and if the number
is 156 or more Dr. Watson starts. I ran the server on Windows NT 4.0. Can
anybody verify this?

/Arne Vidstrom

-----------------------------------------------------------------------------

Date: Tue, 4 May 1999 09:24:16 -0400
From: Rob Beckers
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: Re: Buffer overflows in FTP Serv-U 2.5

--On Monday, May 03, 1999, 6:16 AM +0200 Arne Vidstrom wrote:

> Hi,
>
> It looks like there are some buffer overflows in FTP Serv-U 2.5 (the most
> recent version) and I guess they are present in the versions before too,
> but I haven't checked that. If you send:
>
> cwd xxxxxxx...
> ls xxxxxx...
>
> and so on (it works for all commands I tried which take arguments), the
> server will crash if the number of characters is 155 or more. If the
> number is exactly 155 it crashes without any message, and if the number
> is 156 or more Dr. Watson starts. I ran the server on Windows NT 4.0. Can
> anybody verify this?
>
> /Arne Vidstrom

Hi Arne,

Thank you for pointing out this bug! I have already traced and fixed it,
and made a beta available at ftp://ftp.cat-soft.com/beta/ which addresses
this.

I would have appreciated it if you would have told me a few days before
posting this to the NTBUGTRAQ list. I am not afraid of bugs, I'm sure
there are more in Serv-U, but now friend and foe know how to remotely
crash a Serv-U FTP server and many Serv-U users are finding out their
servers are being deliberately crashed over and over (not to mention I
have to deal with the resulting flood of E-mail while I could use that
time more productively).

It takes several days to fix a bug, and get it tested, before an update
can be released. That leaves many hanging until an update is out. You
know, it's not only the good guys that are subscribed to NTBUGTRAQ...

Best wishes,

Rob
Author of Serv-U

--
"An eye for an eye will leave the whole world blind" (Gandhi)
--
Check out http://www.ftpserv-u.com for all about Serv-U v2.5

-------------------------------------------------------------------
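
Added example, not part of the thread and not Serv-U's code: one way a server can parse an FTP command line so that an over-long argument such as the 155-character one in the report is answered with a 501 reply instead of being copied into a fixed buffer. The struct, the function name and the 128-byte limit are assumptions chosen for illustration; the size of Serv-U's actual buffer is not stated in the thread.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define VERB_MAX  4    /* FTP verbs are 3 or 4 letters */
#define ARG_LIMIT 128  /* hypothetical limit chosen for this example */

struct ftp_cmd {
    char verb[VERB_MAX + 1];
    char arg[ARG_LIMIT + 1];
};

/* Parse one received command line of `len` bytes into `out`.
 * Returns 0 on success, or the FTP reply code to send back:
 * 500 for a malformed verb, 501 for an unacceptable argument.
 * Nothing is copied until it is known to fit. */
int ftp_parse_line(const char *line, size_t len, struct ftp_cmd *out)
{
    size_t i = 0, alen;

    memset(out, 0, sizeof *out);
    while (len > 0 && (line[len - 1] == '\n' || line[len - 1] == '\r'))
        len--;                                /* strip CRLF */

    while (i < len && i < VERB_MAX && isalpha((unsigned char)line[i])) {
        out->verb[i] = (char)toupper((unsigned char)line[i]);
        i++;
    }
    if (i < 3 || (i < len && line[i] != ' ')) {
        memset(out, 0, sizeof *out);
        return 500;                           /* verb missing or too long */
    }
    while (i < len && line[i] == ' ')
        i++;                                  /* skip separator */

    alen = len - i;
    if (alen > ARG_LIMIT || memchr(line + i, '\0', alen) != NULL)
        return 501;                           /* too long or embedded NUL */
    memcpy(out->arg, line + i, alen);         /* bounded by the check above */
    return 0;                                 /* arg already NUL-terminated */
}

int main(void)
{
    struct ftp_cmd c;
    const char line[] = "cwd /pub/incoming\r\n";  /* constructed input */
    int rc = ftp_parse_line(line, sizeof line - 1, &c);
    printf("rc=%d verb=%s arg=%s\n", rc, c.verb, c.arg);
    return 0;
}
```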