[VIM] Sami FTP Server RETR Command Remote Denial of Service Vulnerability

Patrick Webster patrick at aushack.com
Thu Jun 13 01:04:18 CDT 2013


>From writing the Metasploit module awhile back
(http://www.metasploit.com/modules/exploit/windows/ftp/sami_ftpd_user),
I would have to say this is correct. The daemon itself was okay
however there was an unsafe sprintf when viewing the logging console,
and this appears to be the exact same issue (on an even earlier
release!).

-Patrick

On Thu, Jun 13, 2013 at 11:08 AM, George Theall <gtheall at tenable.com> wrote:
> Narayan / Venkat / Rob : isn't the DoS in Sami FTP Server covered by BID 60513 just a rehash of one of those that securfrog reported back in 2008 (CVE-2008-5105 / BID 27817 / OSVDB 50303 / http://archives.neohapsis.com/archives/bugtraq/2008-02/0231.html)?
>
> George
> --
> theall at tenable.com
>


More information about the VIM mailing list