Description
Stack-based buffer overflow in BulletProof FTP Client 2.63 and 2010 allows user-assisted attackers to execute arbitrary code via a bookmark file entry with a long host name, which appears as a host parameter within the quick-connect bar.
Affected products
- bpftp / bulletproof_ftp_client2.63 – 2.63
References
- EXPLOIThttps://www.exploit-db.com/exploits/7571
- EXPLOIThttp://packetstormsecurity.com/files/131965/BulletProof-FTP-Client-2010-Buffer-Overflow.html
- MISChttp://osvdb.org/50968
- VENDOR_ADVISORYhttp://secunia.com/advisories/33322
- MISChttp://www.securityfocus.com/bid/33007
- MISChttp://www.kb.cert.org/vuls/id/565580
- EXPLOIThttps://www.exploit-db.com/exploits/37056/
- MISChttp://securityreason.com/securityalert/4835