Jildi FTP Client 1.5.2 b1138 - Buffer Overflow Vulnerability

2015-06-03T00:00:00
ID VULNERLAB:1503
Type vulnerlab
Reporter metacom (PwC New Zealand) - [http://www.vulnerability-lab.com/show.php?user=metacom]
Modified 2015-06-03T00:00:00

Description

A buffer overflow vulnerability has been discovered in the official Jildi FTP Client v1.5.2 (Build 1138) software. The vulnerability allows a system user account to supply unicode strings to basic input fields and compromise the software process or the system.

A failure to sanitize the Name or Address input results in compromise of the software process. Local attackers are able to supply large unicode strings that overwrite the registers (eip, ebp and others) and gain higher system access privileges. The issue is a classic unicode buffer overflow that is exploitable by local attackers with low-privileged or restricted system user accounts.

The security risk of the buffer overflow vulnerability is estimated as high, with a CVSS (Common Vulnerability Scoring System) score of 6.2. Exploitation of the vulnerability requires a low-privileged system user account and no user interaction. Successful exploitation results in system compromise by elevation of privileges via an overwrite of the registers.

Vulnerable Module(s):
[+] Name
[+] Address
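The missing input check described above, shown as a bounded wide-character copy for the Name and Address fields. This is an added example, not code from Jildi FTP Client or from the advisory; the struct, function names and field capacities are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <wchar.h>

/* Hypothetical field sizes; the advisory does not state the real ones. */
#define NAME_CAP    64    /* capacity in wchar_t elements, not bytes */
#define ADDRESS_CAP 256

struct site_entry {
    wchar_t name[NAME_CAP];
    wchar_t address[ADDRESS_CAP];
};

/* Length of src in wide characters, scanning at most max elements.
   Returns max when no terminator is found within the limit. */
static size_t bounded_wlen(const wchar_t *src, size_t max)
{
    size_t n = 0;
    while (n < max && src[n] != L'\0')
        n++;
    return n;
}

/* Copy src into dst (cap elements). Over-long input is rejected rather
   than truncated, and dst is left untouched on failure. Returns 0 or -1. */
static int set_field(wchar_t *dst, size_t cap, const wchar_t *src)
{
    if (dst == NULL || src == NULL || cap == 0)
        return -1;
    size_t len = bounded_wlen(src, cap);
    if (len >= cap)               /* no room left for the terminator */
        return -1;
    wmemcpy(dst, src, len);
    dst[len] = L'\0';
    return 0;
}

/* Validate both fields first, then commit, so an over-long Address
   cannot leave a half-updated entry behind. */
int site_entry_set(struct site_entry *e, const wchar_t *name, const wchar_t *address)
{
    if (e == NULL || name == NULL || address == NULL)
        return -1;
    if (bounded_wlen(name, NAME_CAP) >= NAME_CAP ||
        bounded_wlen(address, ADDRESS_CAP) >= ADDRESS_CAP)
        return -1;
    set_field(e->name, NAME_CAP, name);
    set_field(e->address, ADDRESS_CAP, address);
    return 0;
}
```

Capacities are counted in `wchar_t` elements throughout; passing a byte count such as `sizeof(buffer)` to a wide-character copy is a common way for unicode input to overrun a fixed buffer.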