UssrLabs found a Local/Remote DoS Attack in G6 FTP Server v2.0
The buffer overflow is caused by a long user name, 2000 characters.,The
G6FTP start to do infinites loops in the main program,and start
eating all memory and all computer resource CPU 100%, at the moment
of no more memory, if this happend ALL System is down :(
[gimmemore@itsme]$ telnet example.com 21
Connected to example.com.
Escape character is '^]'.
220-G6 FTP Server v2.0 (beta 5) ready ...
Where buffer is 2000 characters.
Vendor Url: http://www.gene6.com/
Program Url: http://www.gene6.com/g6ftpd/download.html
u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a
r c h