Home page logo
/

bugtraq logo Bugtraq mailing list archives

Rumpus FTP DoS
From: Jass Seljamaa <jass () email isp ee>
Date: Tue, 15 May 2001 19:22:38 +0200 (EET)

Maxum(maxum.com) Rumpus FTP server DoS vulnerability

Versions Affected: tested on v1.3.3, 2.0 dev 3(MacOS 8.6, 9.1), probably 
earlier, 
Not affected: v1.3.4

Description:
If you try to make a directory which name is 65 characters long, the 
Rumpus FTP service and the computer freezes. You can try to force 
Rumpus to quit, but it never worked for me(always crashed when I 
pressed the \'Force quit\' button). Also, the passwords are stored in plain 
text(in prefs folder, a file called \'Rumpus User Database\'), as in most 
macintosh programs, Maxum Support said to think about encrypting 
passwords in newer versions. 

Exploit:

ftp 192.168.0.1

user anonymous
pass an () nymo us

mkdir 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaa

Solution:
Vendor contacted, fixed in version 1.3.4.


Jass Seljamaa,
jass () isp ee
05212242  


-------------------------------------------------
This mail sent through IMP: email.isp.ee


  By Date           By Thread  

Current thread:
  • Rumpus FTP DoS Jass Seljamaa (May 16)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault