freeFTPd PASS Command Buffer Overflow
Rocco Calvi
- Affected Vendor
- freeFTPd
- Affected Product
- freeFTPd
- Exploit Type
- Metasploit Module
- Metasploit Module
exploit/windows/ftp/freeftpd_pass
Description
freeFTPd 1.0.10 and below contains an overflow condition where user-supplied input is not properly validated when handling a specially crafted PASS command, enabling remote attackers to trigger a buffer overflow and achieve arbitrary code execution.