CVE-2003-0561
published 2003-08-18CVE-2003-0561: Multiple buffer overflows in IglooFTP PRO 3.8 allow remote FTP servers to execute arbitrary code via (1) a long FTP banner, or long responses to the client…
PriorityP430high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
3.79%
88.6th percentile
Multiple buffer overflows in IglooFTP PRO 3.8 allow remote FTP servers to execute arbitrary code via (1) a long FTP banner, or long responses to the client commands (2) USER, (3) PASS, (4) ACCT, and possibly other commands.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| iglooftp | iglooftp_pro | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
IglooFTP 0.6.1 - Banner Parsing Buffer Overflow
exploitdb·2003-07-10
CVE-2003-0561 IglooFTP 0.6.1 - Banner Parsing Buffer Overflow
IglooFTP 0.6.1 - Banner Parsing Buffer Overflow
---
source: https://www.securityfocus.com/bid/8161/info
A buffer overflow vulnerability has been reported in IglooFTP. The vulnerability occurs when IglooFTP is parsing 'Welcome' banner messages from remote FTP servers. When IglooFTP receives an FTP banner exceeding a certain length, it will trigger the overflow condition. This could allow for execution of malicious code in the context of the FTP client.
#!/usr/bin/perl
# PoC exploit for iglooftp, cftp and moxftp for freebsd
# moxftp / mftp 2.2
# cftp 0.12
# Iglooftp 0.6.1
# Some of the code is fucked, the passive connection is a cheap hack and will not
# respawn, so the fake ftpd will have to be restarted... (only IglooFTP)
# Some RET adr's change, this can be fixed with gdb, look int
Exploit-DB
IglooFTP PRO 3.8 - Multiple Buffer Overflow Vulnerabilities (2)
exploitdb·2003-07-07
CVE-2003-0561 IglooFTP PRO 3.8 - Multiple Buffer Overflow Vulnerabilities (2)
IglooFTP PRO 3.8 - Multiple Buffer Overflow Vulnerabilities (2)
---
source: https://www.securityfocus.com/bid/8117/info
IglooFTP PRO for Windows platforms has been reported prone to multiple buffer overrun vulnerabilities.
The issue likely presents itself due do a lack of sufficient bounds checking performed on data that is copied into a reserved internal memory buffer. Remote arbitrary code execution has been confirmed.
It should be noted that although this vulnerability has been reported to affect IglooFTP PRO version 3.8, other versions might also be affected.
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/22872.zip
Exploit-DB
IglooFTP PRO 3.8 - Multiple Buffer Overflow Vulnerabilities (1)
exploitdb·2003-07-07
CVE-2003-0561 IglooFTP PRO 3.8 - Multiple Buffer Overflow Vulnerabilities (1)
IglooFTP PRO 3.8 - Multiple Buffer Overflow Vulnerabilities (1)
---
// source: https://www.securityfocus.com/bid/8117/info
IglooFTP PRO for Windows platforms has been reported prone to multiple buffer overrun vulnerabilities.
The issue likely presents itself due do a lack of sufficient bounds checking performed on data that is copied into a reserved internal memory buffer. Remote arbitrary code execution has been confirmed.
It should be noted that although this vulnerability has been reported to affect IglooFTP PRO version 3.8, other versions might also be affected.
/* IglooExploit.c (Windows XP Professional Build 2600.x)
*
* [email protected]
* ---------------------------
* glooFTP Pro 3.8 Remote exploit code is ready to use ;)
* all you need to do is compile the source code and
No writeups or analysis indexed.
2003-08-18
Published