Description
Buffer overflow in ArGoSoft FTP Server 1.4.2.8 allows remote authenticated users to execute arbitrary code via a long DELE command. NOTE: this issue was later reported to also affect 1.4.3.5.
Affected products
- argosoft / ftp_server1.4.2.8 – 1.4.2.8
- argosoft / ftp_server1.4.2.29 – 1.4.2.29
- argosoft / ftp_server1.4.3.5 – 1.4.3.5
References
- MISChttp://www.securityfocus.com/archive/1/392653
- VENDOR_ADVISORYhttp://secunia.com/advisories/14526
- MISChttp://securitytracker.com/id?1015681
- MISChttp://securityreason.com/securityalert/494
- MISChttp://www.securityfocus.com/bid/12755
- VENDOR_ADVISORYhttps://www.securinfos.info/english/security-advisories-alerts/20060225_ArGoSoft.FTP.Server_Heap.Overflow.html
- MAILING_LISThttp://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042523.html
- MISChttp://www.securityfocus.com/archive/1/426081/100/0/threaded