RaidenFTPd IXceedCompression Multiple Denial of Service Vulnerabilities

Vulnerability ID: 1190880    Vulnerability type: Other
Published: 2007-04-24    Updated: 2007-04-25
CVE: CVE-2007-2179    CNNVD ID: CNNVD-200704-425
Platform: N/A    CVSS score: 7.8
|Vulnerability Source
https://cxsecurity.com/issue/WLB-2007040113
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200704-425
|Vulnerability Details
RaidenFTPD is a full-featured FTP server. The CalculateCrc, Compress and Uncompress functions in RaidenFTPD's XceddZipLib library (RaidenFTPD.dll) do not properly handle user input; an attacker who submits a malicious FTP request can trigger a null pointer dereference, resulting in denial of service.
|Vulnerability EXP
Synopsis:  RaidenFTPd IXceedCompression multiple denial of service 
vulnerabilities
Product:   RaidenFTP
Version:   2.4

Author:    sapheal

Issue:
======

RaidenFTP XceddZipLib (RaidenFTPD.dll) is prone to multiple 
remote denial of service vulnerabilities.

Details:
========

Functions: CalculateCrc, Compress and Uncompress cannot properly handle
the given input. Successful exploitation of the issue allows
local attackers to trigger the application's crash (due to null pointer
dereference).

Credits:
========

Michal Bucko (sapheal), hackpl

Disclaimer:
===========

This document and all the information it contains are provided "as is",
for educational purposes only, without warranty of any kind, whether
express or implied.

The authors reserve the right not to be responsible for the topicality,
correctness, completeness or quality of the information provided in
this document. Liability claims regarding damage caused by the use of
any information provided, including any kind of information which is
incomplete or incorrect, will therefore be rejected.
|References

Source: BID
Name: 23570
Link: http://www.securityfocus.com/bid/23570
Source: BUGTRAQ
Name: 20070419 RaidenFTPd IXceedCompression multiple denial of service vulnerabilities
Link: http://www.securityfocus.com/archive/1/archive/1/466319/100/0/threaded
Source: XF
Name: raidenftpd-multiple-dos(33776)
Link: http://xforce.iss.net/xforce/xfdb/33776
Source: SREASON
Name: 2606
Link: http://securityreason.com/securityalert/2606