Users login

Create an account »


Users login

Home » Hacking News » WFTPD Path/File Mapping Buffer Overflow Vulnerability

WFTPD Path/File Mapping Buffer Overflow Vulnerability

by platon on June 2nd, 2001 WFTPD is a popular FTP server developed by Texas Imperial Software for Windows systems...

It has been reported that a buffer overflow condition exists in WFTPD. The condition is present when a user requests a 'LIST' of the current directory or 'LIST -d' of a directory.

If this overrun occurs on the stack, it may be possible for malicious users to execute arbitrary code on the underlying host. At the very least attackers can use this vulnerability to crash WFTPD.

If anonymous FTP is enabled, this vulnerability may be exploitable by anonymous users on the Internet without authentication.

No exploit is required to crash the service due to this

Users must simply enter a 'current working directory' that exceeds approximately 250 characters (ie, using '......................../') and then request a LIST. The overflow occurs when the length condition is met and the FTP service will crash until manually restarted.

No known exploit code exists that will force execution of shellcode on the server.

This vulnerability was discovered by ByteRage <[email protected]> and posted to Bugtraq on May 24, 2001.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »