• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

InstantServers MiniPortal FTP Login Remote Buffer Overlow Vulnerability

InstantServers MiniPortal is a web server package for Windows based machines, based on the Apache project web server. It includes a web based administrative interface, and a bundled FTP server.

A vulnerability has been reported in the MiniPortal FTP server. It is possible to overflow a buffer when logging into the FTP server. This allows an arbitrary remote user able to connect to the FTP server to execute arbitrary code. The FTP server is installed by default.