VanDyke AbsoluteFTP FTP Client LIST Overflow

2011-12-12T00:00:00
ID SAINT:5DD40210503F4B9910BCE06807852D43
Type saint
Reporter SAINT Corporation
Modified 2011-12-12T00:00:00

Description

Added: 12/12/2011
BID: 50614
OSVDB: 77105

Background

VanDyke AbsoluteFTP is a popular free FTP client. AbsoluteFTP was replaced by SecureFX in 1998, and support for AbsoluteFTP ended in 2007.

Problem

The AbsoluteFTP client contains a buffer overflow vulnerability when parsing file and directory listing replies from the server. The client tries to copy the file name to a fixed-length stack buffer without performing adequate validation.
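The mitigation for this class of defect is to measure the server-controlled name before it reaches a fixed-length buffer. The following C parser for a Unix-style LIST reply line is an added illustration, not code from AbsoluteFTP or from SAINT; the buffer size NAME_BUF_LEN and the sample reply lines are constructed for the example.

```c
#include <stdbool.h>
#include <string.h>

/* Size of the client's fixed-length name buffer. The advisory does not give
 * AbsoluteFTP's real size, so 64 is a constructed value for this example. */
#define NAME_BUF_LEN 64

/* Locate the name field of a Unix-style LIST reply line. Eight whitespace
 * separated fields precede it (mode, links, owner, group, size, month, day,
 * time or year); the rest of the line is the name. NULL if no name present. */
static const char *list_name_field(const char *line) {
    const char *p = line;
    for (int field = 0; field < 8; field++) {
        while (*p == ' ') p++;
        if (*p == '\0' || *p == '\r' || *p == '\n') return NULL;
        while (*p != '\0' && *p != ' ' && *p != '\r' && *p != '\n') p++;
    }
    while (*p == ' ') p++;
    return (*p != '\0' && *p != '\r' && *p != '\n') ? p : NULL;
}

/* Bounded extraction: measure the server-supplied name before copying it and
 * refuse one that does not fit with its terminator, instead of writing past
 * the buffer (the advisory's defect) or truncating silently. */
bool extract_list_name(const char *line, char *out, size_t out_len) {
    const char *name = list_name_field(line);
    if (name == NULL || out_len == 0) return false;
    size_t n = strcspn(name, "\r\n");          /* name length up to CRLF */
    if (n >= out_len) return false;            /* would overflow: reject */
    memcpy(out, name, n);
    out[n] = '\0';
    return true;
}

/* True if the name parsed from line equals expected. */
bool list_name_equals(const char *line, const char *expected) {
    char buf[NAME_BUF_LEN];
    return extract_list_name(line, buf, sizeof buf) && strcmp(buf, expected) == 0;
}

/* Constructed over-long reply: a 100-byte name, larger than NAME_BUF_LEN. */
bool oversized_name_rejected(void) {
    char line[160] = "-rw-r--r--   1 ftp ftp 0 Dec 12  2011 ";
    size_t head = strlen(line);
    memset(line + head, 'A', 100);
    memcpy(line + head + 100, "\r\n", 3);
    char buf[NAME_BUF_LEN];
    return !extract_list_name(line, buf, sizeof buf);
}
```

A client built this way drops the oversized entry (or the whole listing) and can log the event, which is also the signal a detection rule would look for in captured FTP control traffic.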

Resolution

The vendor has discontinued support for AbsoluteFTP. Further usage of this product is not recommended.

References

<http://www.vandyke.com/products/absoluteftp/index.html>
<http://secunia.com/advisories/46781/>

Limitations

This exploit has been tested against VanDyke AbsoluteFTP 2.2.10 on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn).

Platforms

Windows