Tiny FTPd Multiple Buffer Overflow Vulnerabilities

Tiny FTPd is a freeware FTP server for Win9x with a Japanese interface. Version .52 and possible previous versions have unchecked buffers in the code that handles the following commands: APPE, MKD, RMD, RNFR, RNTO, SIZE, STOR, XMKD, and XRMD. With these overflows, an attacker can overwrite the stack and execute arbitrary code.


 

Privacy Statement
Copyright 2010, SecurityFocus