RaidenFTPd IXceedCompression multiple denial of service vulnerabilities

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: RaidenFTPd IXceedCompression multiple denial of service vulnerabilities
From: "Michal Bucko" <michal.bucko@xxxxxxx>
Date: Thu, 19 Apr 2007 23:31:51 +0200
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Synopsis:  RaidenFTPd IXceedCompression multiple denial of service 
vulnerabilities
Product:   RaidenFTP
Version:   2.4

Author:    sapheal



Issue:
======

RaidenFTP XceddZipLib (RaidenFTPD.dll) is prone to multiple 
remote denial of service vulnerabilities.


Details:
========

Funcions: CalculateCrc, Compress and Uncompress cannot properly handle
the given input. Successful exploitation of  the issue allows
local attackers to trigger the application's crash (due to null pointer
dereference). 



Credits:
========

Michal Bucko (sapheal), hackpl



Disclaimer:
===========

This  document and all the information it contains are provided "as is",
for educational purposes only, without warranty  of  any  kind,  whether
express or implied.

The  authors reserve the right not to be responsible for the topicality,
correctness, completeness or quality of  the  information   provided  in
this  document.  Liability  claims regarding damage caused by the use of
any information provided, including any kind  of  information  which  is
incomplete or incorrect, will therefore be rejected.

Prev by Date: Winamp <= (WMV) 5.3 Buffer Overflow DOS Exploit (0-DAY)
Next by Date: Re: Internet Explorer Crash
Previous by thread: Winamp <= (WMV) 5.3 Buffer Overflow DOS Exploit (0-DAY)
Next by thread: Yet another SQL injection framework
Index(es):
- Date
- Thread