Remote DoS Attack in TransSoft's Broker Ftp Server v3.5 Vulnerability
   
Broker v3.5 TransSoft's Broker FTP SERVER

Broker Ftp Server v3.5 d.o.s binary.

Broker Ftp Server v3.5 D.o.s Source (needs Tasm 5.0)

Problem:

UssrLabs found a remote DoS attack in TransSoft's Broker Ftp v3.5. The buffer overflow is caused by a long user name of 2730 characters.

If TransSoft's Broker Ftp Server is running as a service, the service starts consuming all memory and all computer resources (CPU at 100%) until no memory is left. When this happens, the whole system goes down :(

Example:

[cham@guilt cham]$ telnet example.com 21
Trying example.com...
Connected to example.com.
Escape character is '^]'.
FTP SERVER READY
User [buffer]

Where [buffer] is approx. 2730 characters. At this point the server overflows.
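A defensive sketch of the fix class for this bug, added here and not taken from the advisory or from TransSoft's code: a handler for the USER command line that checks lengths before any copy and rejects oversize input. The name handle_user and the limits MAX_LINE and MAX_USER are assumptions for illustration, as is the printable-ASCII rule for user names; the reply codes (331, 500, 501) are those of RFC 959.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAX_LINE 512  /* assumed cap on one control-channel line */
#define MAX_USER 64   /* assumed cap on a user name */

/* Case-insensitive match of the 5-byte prefix "USER ". */
static int is_user_verb(const char *p)
{
    static const char verb[] = "USER ";
    for (size_t i = 0; i < 5; i++)
        if (toupper((unsigned char)p[i]) != verb[i]) return 0;
    return 1;
}

/* Validate one received line of `len` bytes (need not be NUL-terminated).
 * Returns 331 and fills `out` on success, 500 for an oversize, unterminated
 * or unrecognized line, 501 for a bad user-name argument. */
int handle_user(const char *line, size_t len, char *out, size_t out_sz)
{
    if (out_sz == 0) return 500;
    out[0] = '\0';
    if (len == 0 || len > MAX_LINE) return 500;   /* checked before any copy */
    if (line[len - 1] != '\n') return 500;        /* incomplete line */
    len--;
    if (len > 0 && line[len - 1] == '\r') len--;  /* accept CRLF or bare LF */
    if (len < 5 || !is_user_verb(line)) return 500;
    const char *arg = line + 5;
    size_t alen = len - 5;
    if (alen == 0 || alen > MAX_USER || alen >= out_sz) return 501;
    for (size_t i = 0; i < alen; i++)             /* printable ASCII, no spaces */
        if ((unsigned char)arg[i] < 0x21 || (unsigned char)arg[i] > 0x7e) return 501;
    memcpy(out, arg, alen);
    out[alen] = '\0';
    return 331;
}

int main(void)
{
    char out[MAX_USER + 1], big[5 + 2730 + 2];    /* constructed test input */
    memcpy(big, "USER ", 5);
    memset(big + 5, 'A', 2730);
    memcpy(big + 5 + 2730, "\r\n", 2);
    printf("normal:   %d\n", handle_user("USER alice\r\n", 12, out, sizeof out));
    printf("oversize: %d\n", handle_user(big, sizeof big, out, sizeof out));
    return 0;
}
```

The receive loop that feeds this function also has to stop reading once MAX_LINE bytes arrive without a line terminator, otherwise the unbounded growth simply moves one layer down.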

 

Published by: USSR Labs

u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h