> -----Original Message-----
> From: infocus [mailto:infocus@xxxxxxxxx]
> Sent: Sunday, November 13, 2005 2:42 AM
> To: vuln-dev@xxxxxxxxxxxxxxxxx
> Subject: FTP Fuzzer
>
> Hi,
>
> We have released simple and user friendly GUI FTP fuzzer tool
> for stress
> testing FTP server implementations. It is quite configurable
> tool, which
> means that you can precisely define which FTP commands will be fuzzed
> with the parameter size and test strings.
>
> Running this fuzzer against FTP server implementations resulted in
> uncovering numerous security vulnerabilities (overflows,
> format strings)
> in various FTP servers. After short period of fuzzing, fuzzer
> revealed
> buffer overflow vulnerabilities in for example:
>
> - ArgoSoft FTP Server (RNTO Unicode overflow)
> - Golden FTP Server (NLST overflow)
> - FileZilla FTP Server (MLSD)
> - FileZilla remote server interface (homemade protocol)
> - WarFTPD (various exceptions and WDM.exe overflow)
>
> You can download it from:
>
>
>
> Regards,
> Leon Juranic
>
