OSVDB ID: 85887

Title: TurboFTP Server FTP Port Command IP Octet String Parsing Remote Overflow

Info

Disclosure

Oct 03, 2012

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

TurboFTP Server is prone to an overflow condition. This issue is triggered when a boundary error occurs during the parsing of an FTP port command, which will result in a stack-based buffer overflow. With a specially crafted IP octet string, a remote attacker can potentially execute arbitrary code.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Solution Unknown
Exploit: Exploit Private
Disclosure: Third-party Verified, Uncoordinated Disclosure

Solution

OSVDB is not aware of a solution for this vulnerability.

Products

TurboSoft, Inc.

TurboFTP Server

1.30.823

References

Exploit Database: 22161
Secunia Advisory ID: 50595
Vendor URL: http://www.tbsoftinc.com/tbserver/turboftp-server-overview.htm

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/85887