Crob FTP Server Remote Heap Buffer Overflow Vulnerability

Crob FTP Server is prone to a remote heap-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input data prior to copying it to an insufficiently sized memory buffer.

This vulnerability allows remote attackers to overwrite critical memory control structures, possibly altering the affected application's normal flow of execution. Attackers may exploit this to execute arbitrary machine code in the context of the affected server process.

This issue is present in version 3.6.1; previous versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus