ProFTPD 1.2pre4 Remote Buffer Overflow Xploit

· Overview ·
· Origins ·
· Operation ·
· Detection and Removal ·
· Research ·

Overview
Vendor Notes:	The vulnerability in 1.2pre1, 1.2pre3 and 1.2pre3 is a remotely exploitable buffer overflow, the result of a sprintf() in the log_xfer() routine in src/log.c. The vulnerability in -> 1.2pre4 <- is a mkdir overflow.
Category:	Exploit: A way of breaking into a system. An exploit takes advantage of a weakness in a system in order to hack it. Exploits are the root of the hacker culture. Hackers gain fame by discovering an exploit. Others gain fame by writing scripts for it. Legions of script-kiddies apply the exploit to millions of systems, whether it makes sense or not. Since people make the same mistakes over-and-over, exploits for very different systems start to look very much like each other. Most exploits can be classified under major categories: buffer overflow, directory climbing, defaults, Denial of Service.
Similar Pests:	Exploit
Origins
Author:	wc,
By This Author:	Apcd Local Xploit · Asmon Local Exploit · Awcrash.c · DoS against Alibaba 2.0 WebServer · Gnapster/Knapster View File Exploit · Gopher+[v2.3.1p0-] Daemon remote Xploit · IISDoS · Mobius DocumentDirect for the Internet 1.2 Buffer Overflow Vulnerabilities · NetMetro · NetMetro 1.0 · NetMetro 1.04 · Netmetro Patch · NetWare Trojan · Robotex Viking Server Buffer Overflow Vulnerability · SetXConf Exploit (Corel 1.0) · SuSe Local tmp Xploit · WCRAT · WCRAT (wC Remote Administration Tool) 1.1B · WCRAT (wC Remote Administration Tool) 1.2B · wCRAT 1.2b
Date of Origin:	December, 2000
Operation
Detection and Removal
Automatic Removal:	PestPatrol detects this. PestPatrol removes this.
Research
More Info:	AllTheWeb, AltaVista, AOL Search, Ask Jeeves, Google, HotBot, Lycos, LookSmart, MSN, Yahoo!
Research By:	PestPatrol's Pest Research Center
Last Revised:	July 16, 2004