Info

Disclosure

Jan 22, 2005

Discovery

Unknown

Dates

Exploit

Jan 22, 2005

Solution

Unknown

Description

A remote overflow exists in Golden FTP Server. Golden FTP Server fails to perform proper bounds checking in the RNTO function resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Upgrade to version 2.05b or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

KMiNT21 Software	Golden FTP Server	2.01b
		1.31b
		1.30b

References

Security Tracker: 1012973
Secunia Advisory ID: 13966
CVE ID: 2005-0566 (see also: NVD)
Mail List Post: http://marc.theaimsgroup.com/?l=full-disclosure&m=110640744621948&w=2
Vendor URL: http://www.goldenftpserver.com/

Credit

barabas mutsonline - barbsiegmail.com -

Direct URL: http://osvdb.org/36218

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

KMiNT21 Software

Golden FTP Server

References

Credit