Re: ArGoSoft FTP server remote heap overflow

To: "Steven M. Christey" <coley@xxxxxxxxx>
Subject: Re: ArGoSoft FTP server remote heap overflow
From: Jerome Athias <jerome.athias@xxxxxxx>
Date: Wed, 01 Mar 2006 18:07:59 +0100
Cc: bugtraq@xxxxxxxxxxxxxxxxx
In-reply-to: <200603010127.k211Rs0J004609@xxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <200603010127.k211Rs0J004609@xxxxxxxxxxxxxxx>
User-agent: Thunderbird 1.5 (Windows/20051201)

Hi,

as i replied privately to you, yes i think we can say that. You could
consider it as an update...
Note that the vendor was contacted without response.

Regards
/JA

Steven M. Christey a écrit :
> A buffer overflow in DELE was originally reported to Bugtraq by CorryL
> in March 2005, for ArGoSoft FTP 1.4.2.8 (CVE-2005-0696):
>
>   http://www.securityfocus.com/archive/1/392653
>
> According to CorryL's disclosure timeline, no patch had been released
> by the disclosure date.
>
> So, is this a rediscovery of that older issue, for the most recent
> version?
>
> - Steve
>
>
>

References:
- Re: ArGoSoft FTP server remote heap overflow
  - From: Steven M. Christey

Prev by Date: Evolution Emailer DoS
Next by Date: Evil side of Firefox extensions
Previous by thread: Re: ArGoSoft FTP server remote heap overflow
Next by thread: [waraxe-2006-SA#047] - Evading sql-injection filters in phpNuke 7.8
Index(es):
- Date
- Thread