Vulnerability: Local Bufferoverflow in Personal FTP-Server 8.0f(g)


 

Vulnerable Software

FTP-Server 8.0f(g)

Vulnerability

Local Buffer Overflow (SEH protected)-> Code Execution

Time Line

  • 24.01.2018 Vendor informed
  • 30.01.2018 Vendor reminded
  • 12.02.2018 Software patched
  • 20.02.2018 Vulnerability Disclose

Description

The free FTP-Server from Michael Roth Software is vulnerable to a local buffer overflow. One of the advanced options within the application didn’t have input validation which leads to code execution.

Acknowledgement

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht.