Intervations FileCopa Unspecified Remote Stack Buffer Overflow Vulnerability
BID:23056
Info
| Bugtraq ID: | 23056 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 20 2007 12:00AM |
| Updated: | Apr 09 2007 11:02PM |
| Credit: | This issue was reported through the Immunity Partner's Program. |
| Vulnerable: | Intervations FileCopa FTP Server 1.01 |
| Not Vulnerable: | |
Discussion
FileCopa is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized buffer.
An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed attempts may cause denial-of-service conditions.
Exploit / POC
The following exploit code is available for members of the Immunity Partner's Program:
https://www.immunityinc.com/downloads/immpartners/filecopa.tar
The following exploit is publicly available:
Solution / Fix
Solution:
The vendor reports that versions released after 1.01 are not vulnerable and recommends updating to the current version of FileCOPA. Please contact the vendor for information on how to obtain and install the current version.
References
References:
- FileCopa Homepage (Intervations)
- Immunity Partner's Page (Immunity)