Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Windows Net Apps :: win5894.htm

Hyperion FTP Server remote overflow



23th Dec 2002 [SBWID-5894]
COMMAND

	Hyperion FTP Server remote overflow

SYSTEMS AFFECTED

	Hyperion FTP Server version 2.8.11

PROBLEM

	Thanks to securma massine [securma@caramail.com] advisory :
	
	A vulnerability exists in Hyperion Ftp  Server  which  allows  a  remote
	user to execute an arbitrary code ,it  is  a  similar  vulnerability  of
	Enceladus Server Suite I believe that the problem reside in the  use  of
	Marby  Socket   Window   and   ftpservx.dll   who   does   not   support
	dir+(buffer=300 byte)
	
	Access violation - code c0000005 (first chance)
	eax=0012bcbc ebx=0012c574 ecx=42424242 edx=7846f5b5
	esi=0012bce4 edi=00147ffd
	eip=42424242 esp=0012bc24 ebp=0012bc44 iopl=0 nv up
	ei pl zr na po nc
	cs=001b ss=0023 ds=0023 es=0023 fs=003b
	gs=0000 efl=00000246
	42424242 ?? ???
	
	made that eip point towards the beginning of our buffer makes  me  think
	a news methode to backdooring... it is also noticed  that  the  pass  is
	without encoding a:/users/"login "

SOLUTION

	?


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH