CVE-2000-1035
published 2000-12-11CVE-2000-1035: Buffer overflows in TYPSoft FTP Server 0.78 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long…
PriorityP337critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
12.97%
95.8th percentile
Buffer overflows in TYPSoft FTP Server 0.78 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long USER, PASS, or CWD command.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| typsoft | typsoft | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
GPL FTP PASS overflow attempt
suricata·2010-09-23
CVE-1999-1519 GPL FTP PASS overflow attempt
GPL FTP PASS overflow attempt
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"GPL FTP PASS overflow attempt"; flow:established,to_server,no_stream; content:"PASS"; nocase; isdataat:100,relative; pcre:"/^PASS\s[^\n]{100}/smi"; reference:bugtraq,10078; reference:bugtraq,10720; reference:bugtraq,1690; reference:bugtraq,3884; reference:bugtraq,8601; reference:bugtraq,9285; reference:cve,1999-1519; reference:cve,1999-1539; reference:cve,2000-1035; reference:cve,2002-0126; reference:cve,2002-0895; classtype:attempted-admin; sid:2101972; rev:19; metadata:created_at 2010_09_23, cve CVE_1999_1519, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL FTP USER overflow attempt
suricata·2010-09-23
CVE-1999-1510 GPL FTP USER overflow attempt
GPL FTP USER overflow attempt
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL FTP USER overflow attempt"; flow:established,to_server,no_stream; content:"USER|20|"; nocase; isdataat:100,relative; pcre:"/^USER\x20[^\x00\x20\x0a\x0d]{100}/smi"; reference:bugtraq,10078; reference:bugtraq,1227; reference:bugtraq,1504; reference:bugtraq,1690; reference:bugtraq,4638; reference:bugtraq,7307; reference:bugtraq,8376; reference:cve,1999-1510; reference:cve,1999-1514; reference:cve,1999-1519; reference:cve,1999-1539; reference:cve,2000-0479; reference:cve,2000-0656; reference:cve,2000-0761; reference:cve,2000-0943; reference:cve,2000-1035; reference:cve,2000-1194; reference:cve,2001-0256; reference:cve,2001-0794; reference:cve,2001-0826; reference:cve,2002-0126; reference:cve,2002-1522;
Suricata
GPL FTP CWD overflow attempt
suricata·2010-09-23
CVE-1999-0219 GPL FTP CWD overflow attempt
GPL FTP CWD overflow attempt
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL FTP CWD overflow attempt"; flow:established,to_server; content:"CWD"; nocase; isdataat:100,relative; pcre:"/^CWD\s[^\n]{100}/smi"; reference:bugtraq,11069; reference:bugtraq,1227; reference:bugtraq,1690; reference:bugtraq,6869; reference:bugtraq,7251; reference:bugtraq,7950; reference:cve,1999-0219; reference:cve,1999-1058; reference:cve,1999-1510; reference:cve,2000-1035; reference:cve,2000-1194; reference:cve,2001-0781; reference:cve,2002-0126; reference:cve,2002-0405; classtype:attempted-admin; sid:2101919; rev:25; metadata:created_at 2010_09_23, cve CVE_1999_0219, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Exploit-DB
Oracle8i Standard Edition 8.1.5 for Linux Installer - Local Privilege Escalation
exploitdb·2000-03-05
CVE-2000-0206 Oracle8i Standard Edition 8.1.5 for Linux Installer - Local Privilege Escalation
Oracle8i Standard Edition 8.1.5 for Linux Installer - Local Privilege Escalation
---
source: https://www.securityfocus.com/bid/1035/info
A vulnerability exists in the installation program for Oracle 8.1.5i. The Oracle installation scripts will create a directory named /tmp/orainstall, owned by oracle:dba, mode 711. Inside of this directory it will create a shell script named orainstRoot.sh, mode 777. The installation script will then stop and ask the person installing to run this script. The installation program at no point attempts to determine if the directory or script already exist. This makes it possible to create a symbolic link from the orainstRoot.sh file to elsewhere on the file system. This could be used to create a .rhosts file, for instance, and gain access to the root accou
Exploit-DB
TYPSoft FTP Server 0.7.x - FTP Server Remote Denial of Service
exploitdb·1999-06-08
CVE-2000-1035 TYPSoft FTP Server 0.7.x - FTP Server Remote Denial of Service
TYPSoft FTP Server 0.7.x - FTP Server Remote Denial of Service
---
source: https://www.securityfocus.com/bid/1690/info
Long commands (ie., over 2048 bytes) sent to TYPSoft FTP Server cab cause the server to hang, requiring a manual restart to restore the process.
After the release of this advisory Noam Rathaus from http://www.BeyondSecurity.com contributed the following addendum:
.. "this product is also vulnerable if you connect to the server, but not send anything (do the SYN/ACK sequence but disconnect immediately). This is due to the fact that they use a DELPHI TSocket class, which doesn't handle exceptions very well. "
#!/usr/bin/perl
use Getopt::Std;
use IO::Socket;
getopts('s:', \%args);
if(!defined($args{s})){&usage;}
$serv = $args{s};
$foo = "A"; $number = 2048;
$data .= $fo
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=96879389027478&w=2http://www.securityfocus.com/bid/1690http://www.synnergy.net/Archives/Advisories/dethy/typsoft-ftpd.txthttp://marc.info/?l=bugtraq&m=96879389027478&w=2http://www.securityfocus.com/bid/1690http://www.synnergy.net/Archives/Advisories/dethy/typsoft-ftpd.txt
2000-12-11
Published