For the executable
Source of Binary D.O.S
USSR Advisory Code: USSR-2000032
February 04, 2000
Serv-U FTP-Server v2.5b and maybe other versions.
Windows Nt 4.0 WorkStation
Windows Nt 4.0 Server
UssrLabs found a buffer overflow, in one Windows Api "SHGetPathFromIDList" This function
converts an item identifier list to a file system path, just one Api who manage Links
files under windows.
If you have one malformed link file you can crash anything who try to Translate from
.lnk file like EXPLORER.EXE. all common dialogs and so on (copy one malformed link
file to the desktop,and you cant login intro the machine).
To made Serv-u crash just upload one malformed link file in any serv-u
directory and type the ftp command LIST, and Server Crashh.
this overflow no work under win2k
Example Malformed link in: http://www.ussrback.com/god.lnk
Vendor Url: http://ftpserv-u.deerfield.com/
Program Url: http://ftpserv-u.deerfield.com/download.cfm
Next version, personal code for handle links files.
Eeye, Attrition, w00w00, beavuh, Rhino9, ADM, L0pht, HNN, Technotronic and