From: SecuriTeam <support@securiteam.com.>
To: [email protected]
Date: 25 Apr 2007 17:11:57 +0200
Subject: [NT] WS_FTP 2007 NetscapeFTPHandler Denial of Service
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <20070425142747.83DBB5B31@mail.tyumen.ru.>
X-Virus-Scanned: antivirus-gw at tyumen.ru
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
The SecuriTeam alerts list - Free, Accurate, Independent.
Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html
- - - - - - - - -
WS_FTP 2007 NetscapeFTPHandler Denial of Service
------------------------------------------------------------------------
SUMMARY
WS_FTP Home 2007 NetscapeFTPHandler is prone to a denial of service
vulnerability. The vulnerability stems from null pointer dereference.
DETAILS
Vulnerable Systems:
* WS_FTP Home 2007
* WS_FTP Professional 2007
The vulnerability can be triggered by the execution of a function with
improper arguments:
int Initialize ( char *str1, char *str2)
ADDITIONAL INFORMATION
The information has been provided by <mailto:michal.bucko@hack.pl.> Michal
Bucko.
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: [email protected]
In order to subscribe to the mailing list, simply forward this email to: [email protected]
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
