Freefloat is a software series developed directly for handheld terminals. Freefloat FTP Server is a free FTP server for various versions of Windows including Windows CE/Pocket PC.
Freefloat FTP Server is vulnerable to a stack overflow as a result of sending overly long replies. The vulnerability can be triggered by the attacker by sending the FTP server a
**USER** command with an overly long username parameter.
Use a firewall to restrict access to trusted computers, install an update from the vendor when one becomes available, or choose another FTP server.
Exploit works on Freefloat FTP Server 1.0 on Microsoft Windows Server 2003 SP2 with KB956802 and KB956572.