Mabry FTPServer/X mkdir Command Overflow

2004-01-11T00:00:00
ID OSVDB:3462
Type osvdb
Reporter OSVDB
Modified 2004-01-11T00:00:00

Description

Vulnerability Description

A remote overflow exists in FTPServer/X. The program fails to bounds check arguments to the mkdir command resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary code on the server resulting in a loss of confidentiality, integrity, and/or availability.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

A remote overflow exists in FTPServer/X. The program fails to bounds check arguments to the mkdir command resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary code on the server resulting in a loss of confidentiality, integrity, and/or availability.

References:

Vendor URL: http://www.mabry.com/ftpserv/index.htm Secunia Advisory ID:10608 Other Advisory URL: http://www.securitytracker.com/alerts/2004/Jan/1008667.html Bugtraq ID: 9403