Vulnerable Software

FTP server 8.0f(g)

Vulnerability

Local Buffer Overflow (SEH protected) -> Code Execution

Timeline

  • 01/24/2018 Vendor informed
  • 30.01.2018 Vendor reminded
  • 12.02.2018 Software patched
  • 20.02.2018 Vulnerability disclosed

Description

The free FTP-Server from Michael Roth Software is vulnerable to a local buffer overflow. One of the advanced options within the application did not validate its input, which leads to code execution.

Acknowledgement