FTP Voyager CWD Parameter Stack Buffer Overflow Vulnerability
BID:22637
Info
FTP Voyager CWD Parameter Stack Buffer Overflow Vulnerability
| Bugtraq ID: | 22637 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-1079 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 20 2007 12:00AM |
| Updated: | May 12 2015 07:34PM |
| Credit: | Marsu Pilami is credited with the discovery of this vulnerability. |
| Vulnerable: |
FTP Voyager FTP Voyager 14.0.0.3 |
| Not Vulnerable: | |
Discussion
FTP Voyager CWD Parameter Stack Buffer Overflow Vulnerability
FTP Voyager is prone to a remote stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
Exploiting this issue may allow attackers to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will likely result in a denial-of-service condition.
This issue affects FTP Voyager 14.0.0.3.; other versions may also be affected.
FTP Voyager is prone to a remote stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
Exploiting this issue may allow attackers to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will likely result in a denial-of-service condition.
This issue affects FTP Voyager 14.0.0.3.; other versions may also be affected.
Exploit / POC
FTP Voyager CWD Parameter Stack Buffer Overflow Vulnerability
Currently we are not aware of any exploits for the stack-based buffer-overflow issues. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
The following exploit code is available for the denial-of-service vulnerability:
Currently we are not aware of any exploits for the stack-based buffer-overflow issues. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
The following exploit code is available for the denial-of-service vulnerability:
Solution / Fix
FTP Voyager CWD Parameter Stack Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
FTP Voyager CWD Parameter Stack Buffer Overflow Vulnerability
References:
References:
- FTP Voyager Web Site (FTP Voyager)