10th Apr 2003 [SBWID-6133]
Hyperion FTP Server Buffer Overflow (DoS & remote access)
In DataSEC Advisory [http://www.data-sec.com]:
Hyperion FTP Server is a powerful, reliable FTP server for
Windows95/98/NT/2000, and supports all basic FTP commands, and much
more, such as passive mode.
Buffer overflow in the USER field. Any remote attacker can cause a DoS,
and in some cases get unauthorised remote access to the server, by
sending a string in the USER field with more than 931 chars.
telnet <server> 21
A * 931
The server overflow will occur.
Mollensoft have been informed about this issue and released a new
version; however, they did not give it a new version number. Anyone who
is using a version installed before 5/4/03 is advised to download and
install the new version.
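
The defensive counterpart to the overflow described above, as an added example that is not code from Hyperion, Mollensoft or the DataSEC advisory: a USER-command parser that checks the argument length before anything is copied into a fixed buffer. The 64-byte USER_MAX limit and the name parse_user are assumptions of this example; the reply codes are those of RFC 959.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define USER_MAX 64  /* assumed policy limit for this example, not Hyperion's */

/* FTP reply codes from RFC 959 */
enum { R_NEED_PASS = 331, R_BAD_CMD = 500, R_BAD_ARG = 501 };

/* Parse one control-channel line (len bytes, not NUL-terminated) and copy the
 * USER argument into out. The length is checked before anything is copied. */
int parse_user(const char *line, size_t len, char out[USER_MAX + 1])
{
    static const char verb[] = "USER";
    size_t i, arg_len;

    out[0] = '\0';
    while (len > 0 && (line[len - 1] == '\r' || line[len - 1] == '\n'))
        len--;                              /* strip trailing CRLF */
    if (len < 4)
        return R_BAD_CMD;
    for (i = 0; i < 4; i++)                 /* verbs are case-insensitive */
        if (toupper((unsigned char)line[i]) != verb[i])
            return R_BAD_CMD;
    if (len == 4)
        return R_BAD_ARG;                   /* USER with no argument */
    if (line[4] != ' ')
        return R_BAD_CMD;
    arg_len = len - 5;
    if (arg_len == 0 || arg_len > USER_MAX)
        return R_BAD_ARG;                   /* reject, never truncate or copy */
    for (i = 0; i < arg_len; i++)           /* no control bytes or NULs */
        if (!isprint((unsigned char)line[5 + i]))
            return R_BAD_ARG;
    memcpy(out, line + 5, arg_len);
    out[arg_len] = '\0';
    return R_NEED_PASS;
}

int main(void)
{
    char out[USER_MAX + 1], big[5 + 932];   /* constructed over-long input */
    memcpy(big, "USER ", 5);
    memset(big + 5, 'A', 932);
    printf("long: %d\n", parse_user(big, sizeof big, out));
    printf("ok:   %d %s\n", parse_user("USER alice\r\n", 12, out), out);
    return 0;
}
```

An over-long argument is answered with 501 and the output buffer is left empty, so the session can continue or be dropped without any copy having taken place.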