Saturday, 3 March 2012

[EN] EFTP Server version overflowed

I know this is not a new software, but durning fuzzing tests and lessons I found this interesting overflow bug:

~ 100*'A' for MDTM command

Of course this bug is very simple. Anyway it is good to learn how software works;)

EFTP Server You can find here.

* Update 19:04 *

 To make an "attack" we can send only 5 A's via MDTM command ;)


No comments:

Post a Comment

What do You think...?