SlimFTPd long filename buffer overflow

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

eddie5659

Thread Starter
Moderator
Malware Specialist
Joined
Mar 19, 2001
Messages
37,255
Hiya

SlimFTPd is a free FTP server for Microsoft Windows. SlimFTPd versions 3.15 and 3.16 and possibly earlier versions are vulnerable to a stack-based buffer overflow caused by improper bounds checking of user-supplied input when handling filenames received from the LIST, DELE, and RNFR commands. By sending a long filename, a remote attacker could overflow a buffer and execute arbitrary code on the system.


Platforms Affected:

Microsoft Corporation: Windows 95
Microsoft Corporation: Windows 98
Microsoft Corporation: Windows 98 Second Edition
Microsoft Corporation: Windows Me
Microsoft Corporation: Windows XP
Microsoft Corporation: Windows 2000 Any version
Microsoft Corporation: Windows 2003 Any version
Microsoft Corporation: Windows NT 4.0
WhitSoft Development: SlimFTPd 3.15
WhitSoft Development: SlimFTPd 3.16


http://xforce.iss.net/xforce/xfdb/21480

Regards

eddie
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top