CVE-2010-20121
EasyFTP Server <= 1.7.0.11 CWD Command Stack Buffer Overflow
EasyFTP Server versions up to 1.7.0.11 contain a stack-based buffer overflow vulnerability in the FTP command parser. When processing the CWD (Change Working Directory) command, the server fails to properly validate the length of the input string, allowing attackers to overwrite memory on the stack. This flaw enables remote code execution without authentication, as EasyFTP allows anonymous access by default. The vulnerability was resolved in version 1.7.0.12, after which the product was renamed “UplusFtp.”
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
KMiNT21 Software · EasyFTP ServerPoCs públicas encontradas — 7
cve_referencepaulmakowski.wordpress.com/2010/02/28/increasing-payload-size-w-return-address-overwrite/não verificadocve_referenceraw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/easyftp_cwd_fixret.rbnão verificadocve_referenceseclists.org/bugtraq/2010/Feb/202não verificadocve_referencewww.exploit-db.com/exploits/11668não verificadocve_referencewww.exploit-db.com/exploits/12312não verificadocve_referencewww.exploit-db.com/exploits/14402não verificadocve_referencewww.exploit-db.com/exploits/16737não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://paulmakowski.wordpress.com/2010/02/28/increasing-payload-size-w-return-address-overwrite/https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/easyftp_cwd_fixret.rbhttps://seclists.org/bugtraq/2010/Feb/202https://www.exploit-db.com/exploits/11668https://www.exploit-db.com/exploits/12312https://www.exploit-db.com/exploits/14402https://www.exploit-db.com/exploits/16737https://www.vulncheck.com/advisories/easyftp-server-cwd-command-stack-buffer-overflow