Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

FTP Fuzzer
From: "infocus" <infocus () infigo hr>
Date: Sun, 13 Nov 2005 00:42:01 +0100
Hi,

We have released simple and user friendly GUI FTP fuzzer tool for stress
testing FTP server implementations. It is quite configurable tool, which
means that you can precisely define which FTP commands will be fuzzed
with the parameter size and test strings.

Running this fuzzer against FTP server implementations resulted in
uncovering numerous security vulnerabilities (overflows, format strings) 
in various FTP servers. After short period of fuzzing, fuzzer revealed 
buffer overflow vulnerabilities in for example:

- ArgoSoft FTP Server (RNTO Unicode overflow)
- Golden FTP Server (NLST overflow)
- FileZilla FTP Server (MLSD)
- FileZilla remote server interface (homemade protocol)
- WarFTPD (various exceptions and WDM.exe overflow)

You can download it from:
http://www.infigo.hr/files/ftpfuzz.zip


Regards,
Leon Juranic

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]