u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h

Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability

G6 FTP Server v2.0 (beta 4/5)	G6 FTP Server v2.0
Binary D.o.s Source of Binary D.o.s	PROBLEM UssrLabs found a Local/Remote DoS Attack in G6 FTP Server v2.0 (beta 4/5), The buffer overflow is caused by a long user name, 2000 characters.,The G6FTP start to do infinites loops in the main program,and start eating all memory and all computer resource CPU 100%, at the moment of no more memory, if this happend ALL System is down :( Example: [gimmemore@itsme]$ telnet example.com 21 Trying example.com... Connected to example.com. Escape character is '^]'. 220-G6 FTP Server v2.0 (beta 5) ready ... USER {buffer) Where buffer is 2000 characters. Vendor Status: Not Contacted Vendor Url: http://www.gene6.com/ Program Url: http://www.gene6.com/g6ftpd/download.html Credit: USSRLABS SOLUTION: Nothing yet. u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h