> > Summary
> > Possible buffer overflow in windows ftp client...
>
> Ok, and what do you gain by this?
> Also see previous threads (yes they are a while ago)
> "ftp.exe buffer overflow" and "FTP.exe risk:low" about
> some other bugs in the ftp client (format string bugs).
>
look at the conclusion of the advisory:
Conclusion
So is prolly possible execute code in the system, and for sure crash the
client (will ever be useful:P?) <- should i make it bold?
i wrote the advisory because its a spreaded program not because it was
dangerous:)
> Anyway, if you like client side bugs you could better search for something
> like server sending "evilstuff" to client which causes (for example) an
overflow.
> In that case you could write a remote exploit... _that_ would be a
security bug
ill make some test and send some string from the SERVER to the client to see
if i can crash it up -if i got the time-
cya
supergate.
Received on Nov 01 2001
Intro
