Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

ArGoSoft FTP server remote heap overflow

From: Jerome Athias <jerome.athias () free fr>
Date: Sat, 25 Feb 2006 18:25:43 +0100
-- Title:
ArGoSoft FTP server remote heap overflow

-- Affected Products:
ArGoSoft FTP server 1.4.3.5 (current) and prior

-- Affected Vendor:
ArGoSoft - http://www.argosoft.com

-- Impact:
DoS, Arbitrary Code Execution

-- Where:

From remote


-- Type:
Heap Overflow

-- Vulnerability Details:
A remote attacker with valid credentials is able to trigger a heap
overwrite in ArgoSoft FTP server.
The bug occurs by providing a long argument to the DELE command. This
vulnerability can allow remote attackers to execute arbitrary code or
launch a denial of service attack.

-- Credit:
SecurInfos
https://www.securinfos.info/english/
Previous By Date Next
Previous By Thread Next

Current thread: