SunFTP Buffer Overflow Vulnerability

SunFTP is a small freeware ftp server created by XS4ALL Data. It is possible to launch a DoS attack against the server by sending more than 2100 characters to the server, which will cause it to crash. This is the result of a buffer overrun condition, where excessive user input overwrites critical data in the application's memory. It may be possible for a hacker to execute arbitrary code on the target as well, but this is uncomfirmed.


Privacy Statement
Copyright 2010, SecurityFocus