Reported October 18, 2000 by USSR Labs

VERSIONS AFFECTED
  • TransSoft Broker FTP Server 3.x/4.x

DESCRIPTION

TransSoft's Broker FTP Server 3.x and 4.x is vulnerable to a buffer overflow that can allow a malicious attacker to consume all available memory and computing resources.

DEMONSTRATION

By sending a username of approximately 6000 characters Broker FTP Server will consume all available Windows NT resources.  For example;

C:\>Telnet vulnerabletestsite.com 21

Connected vulnerabletestsite.com
Escape character is '^\]'
220 FTP Server ready \[***\]
\[6000 character buffer\]

VENDOR RESPONSE

The vendor, TransSoft has released a fix for this vulnerability available at; http://www.transsoft.com/broker/updates/broker40nt.exe

CREDIT
Discovered by
USSR Labs