Re: ArGoSoft FTP server remote heap overflow

To: bugtraq@xxxxxxxxxxxxxxxxx, jerome.athias@xxxxxxx
Subject: Re: ArGoSoft FTP server remote heap overflow
From: "Steven M. Christey" <coley@xxxxxxxxx>
Date: Tue, 28 Feb 2006 20:27:54 -0500 (EST)
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

A buffer overflow in DELE was originally reported to Bugtraq by CorryL
in March 2005, for ArGoSoft FTP 1.4.2.8 (CVE-2005-0696):

  http://www.securityfocus.com/archive/1/392653

According to CorryL's disclosure timeline, no patch had been released
by the disclosure date.

So, is this a rediscovery of that older issue, for the most recent
version?

- Steve

Follow-Ups:
- Re: ArGoSoft FTP server remote heap overflow
  - From: Jerome Athias

Prev by Date: Limbo CMS code execution
Next by Date: FreeBSD Security Advisory FreeBSD-SA-06:10.nfs
Previous by thread: ArGoSoft FTP server remote heap overflow
Next by thread: Re: ArGoSoft FTP server remote heap overflow
Index(es):
- Date
- Thread