Mabry Software FTPServer/X 1.0 Controls Format String Vulnerability

ID SSV:77299
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.


It has been reported that FTPServer/X may be prone to a remote format string vulnerability when processing a malicious request from a client. The vulnerability presents itself when the server receives a malicious request containing embedded format string specifiers from a remote client when supplying a username during FTP authentication. This could be exploited to crash the server but could also theoretically permit corruption/disclosure of memory contents and execution of arbitrary code.

FTPServer/X COM Object version 1.00.050 has been reported to be vulnerable to this issue, however, other versions could be affected as well. It should be noted that any software that implements the Mabry Software FTPServer/X control, is likely affected by this vulnerability. It has been confirmed that this control is in use by Mollensoft(Hyperion) FTP Server.

The vulnerable control is also used by PlatinumFTPServer, which is also vulnerable to this issue. It is noted that other FTP commands such as 'mkdir' and 'rename' are also affected by this issue.

user %s%s%s%s
mkdir %s%s%s%s
rename filename %s%s%s%s