Globalscape Secure FTP server Remote Code Execution
Author: Mati Aharoni
Date: 1 May 2005
-[ Product: Globalscape Secure FTP server
-[ Version: 3.0.2
-[ OS: Windows
-[ Vendor: http://www.globalscape.com
Summary
The Globalscape Secure FTP server is vulnerable to a buffer overflow condition which can lead to remote code execution.
Problem
Sending the server a malformed FTP request of around 3200 bytes causes it to crash. The overflow allows direct control of EIP and SEH. For a proof of concept, see:
http://metasploit.com/projects/Framework/modules/exploits/globalscapeftp_user_input.pm
For a more detailed analysis, click here
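A defender-side check for the condition described above, as an added example that is not part of the original advisory or the vendor's code: a streaming monitor that flags any FTP control-channel line longer than a cap, even when the line spans several reads and is never terminated. The 512-byte cap, the type and function names, and the sample input are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed policy cap for one control-channel line (command + argument).
 * The advisory states no limit; 512 is an illustrative value. */
#define FTP_MAX_LINE 512

typedef struct {
    size_t   cur_len;  /* bytes seen in the current, unterminated line */
    int      flagged;  /* current line already counted as over-length */
    unsigned alerts;   /* over-length lines seen so far */
    size_t   longest;  /* longest line observed, in bytes */
} ftp_len_monitor;

void ftp_monitor_init(ftp_len_monitor *m) { memset(m, 0, sizeof *m); }

/* Feed one chunk of client-to-server bytes. Lines may span chunks, so the
 * running length is kept in *m. Returns the alerts raised by this chunk. */
unsigned ftp_monitor_feed(ftp_len_monitor *m, const unsigned char *buf, size_t n)
{
    unsigned before = m->alerts;
    for (size_t i = 0; i < n; i++) {
        if (buf[i] == '\n') {              /* line ends: reset state */
            m->cur_len = 0;
            m->flagged = 0;
            continue;
        }
        m->cur_len++;
        if (m->cur_len > m->longest) m->longest = m->cur_len;
        /* Alert the moment the cap is crossed, without waiting for a
         * terminator that an oversized request may never send. */
        if (m->cur_len > FTP_MAX_LINE && !m->flagged) {
            m->flagged = 1;
            m->alerts++;
        }
    }
    return m->alerts - before;
}

int main(void)
{
    ftp_len_monitor m;
    unsigned char filler[1600];            /* constructed sample data */
    memset(filler, 'A', sizeof filler);
    ftp_monitor_init(&m);
    ftp_monitor_feed(&m, (const unsigned char *)"NOOP\r\n", 6);
    ftp_monitor_feed(&m, filler, sizeof filler);   /* 2 x 1600 = 3200 bytes */
    ftp_monitor_feed(&m, filler, sizeof filler);
    printf("alerts=%u longest=%zu\n", m.alerts, m.longest);
    return 0;
}
```

The same per-connection counter can sit in a proxy or a log parser in front of the server; a line that crosses the cap is grounds to drop the connection before the request reaches the FTP service.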
Patches
The vendor was notified and a patch was released.