Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability

G6 FTP Server v2.0 (beta 4/5)

G6 FTP Server v2.0

Binary D.o.s

Source of Binary D.o.s



UssrLabs found a Local/Remote DoS Attack in G6 FTP Server v2.0 (beta 4/5),

The buffer overflow is caused by a long user name, 2000 characters.,The G6FTP start to do infinites loops in the main program,and start eating all memory and all computer resource CPU 100%, at the moment of no more memory, if this happend ALL System is down :(


[gimmemore@itsme]$ telnet 21


Connected to

Escape character is '^]'.

220-G6 FTP Server v2.0 (beta 5) ready ...

USER {buffer)

Where buffer is 2000 characters.

Vendor Status:

Not Contacted

Vendor Url:

Program Url:



Nothing yet.

u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h