Saturday, 3 March 2012

[EN] EFTP Server version 3.3.1.145 overflowed

I know this is not a new software, but durning fuzzing tests and lessons I found this interesting overflow bug:

~ 100*'A' for MDTM command

Of course this bug is very simple. Anyway it is good to learn how software works;)

EFTP Server You can find here.


* Update 19:04 *



 To make an "attack" we can send only 5 A's via MDTM command ;)

Cheers!

No comments:

Post a Comment

What do You think...?