Web Site: http://www.mollensoft.com/
Versions: 3.0.0
Platform: Windows
Bug: Tràn bộ đệm.
Risk: DoS và truy cập trái phép từ xa access.
1) Introduction
Hyperion FTP Server is a powerful, reliable FTP server for Windows95/98/NT/2000, and supports all basic FTP commands, and much more, such as passive mode.
2) Bug
Buffer Overflow in the USER field. Any remote attacker can cause DOS and in some cases get unauthorised remote access to the server. when sending a string in the user field with more than 931 chars.
3) The Code
telnet <server> 21
A * 931
connection closed.
--
server overflow will occur.
4) Fix
Mollensoft have been informed about this issue and released a new version, however they did not gave it a new version number.
Anyone who is using version installed before 5/4/03 is advised to download and install the new version.
