Bugtraq: Re: Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability

From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Mon, 15 Jan 2007 01:03:02 +0300

Dear sapheal () hack pl,

shp> conditions.  However, as the issue involves the control that is not
shp> marked  safe  for  scripting  nor  for initialization, it cannot be
shp> exploited  remotely.  Moreover, as for know I have not proved it is
shp> exploitable.


shp> Unhandled exception at 0x7c840a81 in wsftpurl.exe:
shp> 0xC0000005: Access violation reading location 0x41414141.

shp> In order to analyze the vulnerability one might execute
shp> wsftpurl.exe with a long argument. 

Pretending  this  vulnerability  IS exploitable, what is security impact
from  it? What can you achieve by exploiting this vulnerability you cant
archive without it?


-- 
~/ZARAZA
http://www.security.nnov.ru/
Reasoning  depends  upon  programming,  not  on  hardware and we are the
ultimate program! (Frank Herbert).

By Date By Thread

Current thread:

Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability sapheal (Jan 12)
- Re: Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability 3APA3A (Jan 15)
  - Re: Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability Eliah Kagan (Jan 16)
    - Re: Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability HACKPL - bugtraq/sapheal (Jan 16)