CVE-2010-20121
EasyFTP Server <= 1.7.0.11 CWD Command Stack Buffer Overflow
EasyFTP Server versions up to 1.7.0.11 contain a stack-based buffer overflow vulnerability in the FTP command parser. When processing the CWD (Change Working Directory) command, the server fails to properly validate the length of the input string, allowing attackers to overwrite memory on the stack. This flaw enables remote code execution without authentication, as EasyFTP allows anonymous access by default. The vulnerability was resolved in version 1.7.0.12, after which the product was renamed “UplusFtp.”
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Productos afectados
KMiNT21 Software · EasyFTP ServerPoCs públicas encontradas — 7
cve_referencepaulmakowski.wordpress.com/2010/02/28/increasing-payload-size-w-return-address-overwrite/no verificadocve_referenceraw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/easyftp_cwd_fixret.rbno verificadocve_referenceseclists.org/bugtraq/2010/Feb/202no verificadocve_referencewww.exploit-db.com/exploits/11668no verificadocve_referencewww.exploit-db.com/exploits/12312no verificadocve_referencewww.exploit-db.com/exploits/14402no verificadocve_referencewww.exploit-db.com/exploits/16737no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://paulmakowski.wordpress.com/2010/02/28/increasing-payload-size-w-return-address-overwrite/https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/easyftp_cwd_fixret.rbhttps://seclists.org/bugtraq/2010/Feb/202https://www.exploit-db.com/exploits/11668https://www.exploit-db.com/exploits/12312https://www.exploit-db.com/exploits/14402https://www.exploit-db.com/exploits/16737https://www.vulncheck.com/advisories/easyftp-server-cwd-command-stack-buffer-overflow