EFTP Buffer Overflow Vulnerability

EFTP is a freeware ftp client and server package that offers encrypted and normal file transfer functionality written by Khamil Landross. If the server recieves a request containing more than 2100 characters, it will crash due to sensitive memory areas being overwritten by the extraneous data. The server will then, in most cases, crash. It may be possible to execute arbitrary code on the server running eftp if a request is carefully crafted to do so.


 

Privacy Statement
Copyright 2010, SecurityFocus