ArGoSoft FTP server remote heap overflow Feb 25 2006 05:25PM
Jerome Athias (jerome athias free fr)
-- Title:
ArGoSoft FTP server remote heap overflow

-- Affected Products:
ArGoSoft FTP server (current) and prior

-- Affected Vendor:
ArGoSoft -

-- Impact:
DoS, Arbitrary Code Execution

-- Where:
>From remote

-- Type:
Heap Overflow

-- Vulnerability Details:
A remote attacker with valid credentials is able to trigger a heap
overwrite in ArgoSoft FTP server.
The bug occurs by providing a long argument to the DELE command. This
vulnerability can allow remote attackers to execute arbitrary code or
launch a denial of service attack.

-- Credit:

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus