mailing list archives
Remote buffer overflow in GlobalScape Secure FTP server 3.0.2
From: "muts" <muts () whitehat co il>
Date: Mon, 2 May 2005 02:41:36 +0200
See Security, Research and Development
[-] Product Information
GlobalScape Secure FTP Server is a flexible, reliable, and cost-effective
File Transfer Protocol (FTP) Server. Secure FTP Server is used to exchange
data securely using the most up-to-date security protocols available and
employs a rich set of automation tools, providing a comprehensive data
[-] Vulnerability Description
A buffer overflow was discovered in GlobalScape Secure FTP Server
3.0.2 which allows remote code execution by sending a malformed FTP
When sending a malformed FTP request in the format [3000 Bytes]\r\n we will
be able to overwrite the instruction pointer (and SEH) with an arbitrary
[-] Vendor Notification
The vendor has been notified, and a fix is available.
Developed by Mati Aharoni
The vulnerability was discovered by Mati Aharoni.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- Remote buffer overflow in GlobalScape Secure FTP server 3.0.2 muts (May 02)