Computer Security
[EN] securityvulns.ru



Multiple bugs in FTP clients
Published: 09.06.2003
Source: BUGTRAQ
SecurityVulns ID: 2894
Type: client
Level: 5/10
Description: Bugs in parsing of FTP server data.
Affected: CEDSOFT : FlashFXP
 SMARTFTP : SmartFTP 1.0
 RHINO : FTP Voyager 10.0
 LEAPFTP : LeapFTP 2.7
CVE: CVE-2007-0825 (FlashFXP 3.4.0 build 1145 allows remote servers to cause a denial of service (CPU consumption) via a response to a PWD command that contains a long string with deeply nested directory structure, possibly due to a buffer overflow.)
 CVE-2007-0790 (Heap-based buffer overflow in SmartFTP 2.0.1002 allows remote FTP servers to execute arbitrary code via a large banner. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.)
 CVE-2003-1319 (Multiple buffer overflows in SmartFTP 1.0.973, and other versions before 1.0.976, allow remote attackers to execute arbitrary code via (1) a long response to a PWD command, which triggers a stack-based overflow, and (2) a long line in a response to a file LIST command, which triggers a heap-based overflow.)
Original document: nesumin, [LeapFTP] "PASV" Reply Buffer Overflow Vulnerability (09.06.2003)
 nesumin, [FTP Voyager] File List Buffer Overflow Vulnerability (09.06.2003)
 nesumin, [SmartFTP] Two Buffer Overflow Vulnerabilities (09.06.2003)
 nesumin, [FlashFXP] Two Buffer Overflow Vulnerabilities (09.06.2003)
Files: LeapFTP remote buffer overflow exploit
 FlashFXP V 3.4.0 build 1145 Buffer Overflow DoS
 SmartFTP Client v 2.0.1002 Heap Overflow DoS

© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


