Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Windows Net Apps :: a6133.htm

Hyperion FTP Server Buffer Overflow (DoS & remote access)



10th Apr 2003 [SBWID-6133]
COMMAND

	Hyperion FTP Server Buffer Overflow (DoS & remote access)

SYSTEMS AFFECTED

	version 3.0.0

PROBLEM

	In DataSEC Advisory [http://www.data-sec.com]:
	
	Hyperion  FTP  Server  is  a   powerful,   reliable   FTP   server   for
	Windows95/98/NT/2000, and supports all  basic  FTP  commands,  and  much
	more, such as passive mode.
	
	Buffer Overflow in the USER field. Any remote  attacker  can  cause  DOS
	and in some cases get unauthorised remote access  to  the  server.  when
	sending a string in the user field with more than 931 chars.
	
	 Code
	 ====
	
	
	telnet <server> 21
	
	A * 931
	
	connection closed.
	--
	
	
	server overflow will occur.

SOLUTION

	Mollensoft have been informed  about  this  issue  and  released  a  new
	version, however they did not gave it a new version number.  Anyone  who
	is using version installed before 5/4/03  is  advised  to  download  and
	install the new version.
	
	


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH