CVE-2003-0766
published 2003-09-17CVE-2003-0766: Multiple heap-based buffer overflows in FTP Desktop client 3.5, and possibly earlier versions, allow remote malicious servers to execute arbitrary code via (1)…
PriorityP432high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
6.71%
93.1th percentile
Multiple heap-based buffer overflows in FTP Desktop client 3.5, and possibly earlier versions, allow remote malicious servers to execute arbitrary code via (1) a long FTP banner, (2) a long response to a USER command, or (3) a long response to a PASS command.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ftp_desktop | ftp_desktop | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
FTP Desktop 3.5 - Banner Parsing Buffer Overflow
exploitdb·2003-09-08
CVE-2003-0766 FTP Desktop 3.5 - Banner Parsing Buffer Overflow
FTP Desktop 3.5 - Banner Parsing Buffer Overflow
---
source: https://www.securityfocus.com/bid/8559/info
A buffer overflow vulnerability has been reported in FTP Desktop. The vulnerability occurs when FTP Desktop is parsing 'Welcome' banner 220 messages from remote FTP servers. When FTP Desktop receives an FTP banner exceeding a certain length, it will trigger the overflow condition. This could allow for execution of malicious code in the context of the affected FTP client.
(FTP Desktop connected...)
PADDING EBP EIP
220 [229xA][4xB][4xX]
(Access violation when executing 0x58585858) // 4xX
Exploit-DB
FTP Desktop 3.5 - FTP 331 Server Response Buffer Overflow
exploitdb·2003-09-08
CVE-2003-0766 FTP Desktop 3.5 - FTP 331 Server Response Buffer Overflow
FTP Desktop 3.5 - FTP 331 Server Response Buffer Overflow
---
source: https://www.securityfocus.com/bid/8560/info
A buffer overflow vulnerability has been reported in FTP Desktop. The vulnerability occurs when FTP Desktop is parsing 331 server responses from remote FTP servers. When FTP Desktop receives an FTP 331 response exceeding a certain length, it will trigger the overflow condition. This could allow for execution of malicious code in the context of the affected FTP client.
Username:
(FTP Desktop Sends 'USER username')
PADDING EBP EIP
331 [229xA][4xB][4xX]
(Access violation when executing 0x58585858) // 4xX
Password:
(FTP Desktop Sends 'PASS password')
PADDING EBP EIP
331 [229xA][4xB][4xX]
(Access violation when executing 0x58585858) // 4xX
No writeups or analysis indexed.
2003-09-17
Published