Cooolsoft PowerFTP Server Multiple Denial Of Service Vulnerability

PowerFTP is a commercial FTP server for Microsoft Windows 9x/ME/NT/2000/XP operating systems. It is maintained by Cooolsoft.

Multiple instances of denial of service vulnerabilities exist in PowerFTP's FTP daemon. This is achieved by connecting to a vulnerable host and submitting an unusally long string of arbitrary characters.

It has been reported that this issue may also be triggered by issuing an excessively long FTP command of 2050 bytes or more.

This issue may is most likely due to a buffer overflow. If this is the case, there is a possibility that arbitrary code may be executed on the vulnerable host. However, this has not yet been confirmed.


Privacy Statement
Copyright 2010, SecurityFocus