CVE-2010-10014
Published 2025-08-20
Priority: P2 (61) | high | 8.7 (CVSS 4.0)
CVSS vector: AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EXPLOIT
EPSS: 0.95% (56.9th percentile)
Odin Secure FTP <= 4.1 is vulnerable to a stack-based buffer overflow when parsing directory listings received in response to an FTP LIST command. A malicious FTP server can send an overly long filename in the directory listing, which overflows a fixed-size stack buffer in the client and overwrites the Structured Exception Handler (SEH). This allows remote attackers to execute arbitrary code on the client system.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| odin_software | odin_secure_ftp | <= 4.1 | — |
Detection & IOCs
- Monitor FTP LIST command responses from servers containing abnormally long filenames, which may indicate an attempt to overflow the fixed-size stack buffer in Odin Secure FTP clients.
- Look for SEH (Structured Exception Handler) record overwrites in Odin Secure FTP 4.1 process memory following receipt of a LIST command response, as this is the exploitation mechanism.
- A Metasploit module exists for this vulnerability targeting Windows FTP clients; detect exploit attempts via the module path windows/ftp/odin_list_reply.
- Exploitation requires the attacker to operate or control a malicious FTP server that the victim client connects to; this is a client-side vulnerability triggered by server responses, not direct inbound attacks.
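As an added illustration of the first detection item (not code from the advisory, the vendor or any cited source), the following Python scans a captured FTP LIST data-channel payload for over-long filename fields in Unix-style and MS-DOS-style listings. The 255-byte threshold, the function names and the sample listing are assumptions constructed for this example; the advisory does not state a length.

```python
import re

# Assumption: 255 bytes, the usual per-name limit on NTFS and ext4. The
# advisory states no length, so tune this threshold for your environment.
MAX_NAME_BYTES = 255

# Unix "ls -l" style entry: mode, links, owner, group, size, date, name.
UNIX_RE = re.compile(
    rb"^[-dlbcps][-rwxsStT]{9}[+.@]?\s+\d+\s+\S+\s+\S+\s+\d+\s+"
    rb"\w{3}\s+\d{1,2}\s+[\d:]{4,5}\s(.*)$")
# MS-DOS style entry: date, time, <DIR> or size, name.
DOS_RE = re.compile(
    rb"^\d{2}-\d{2}-\d{2,4}\s+\d{1,2}:\d{2}(?:AM|PM)?\s+(?:<DIR>|\d+)\s+(.*)$",
    re.IGNORECASE)

def extract_name(line: bytes):
    """Return the filename field of one LIST line, or None if unparseable."""
    for rx in (UNIX_RE, DOS_RE):
        m = rx.match(line)
        if m:
            return m.group(1)
    return None

def scan_list_reply(payload: bytes, limit: int = MAX_NAME_BYTES):
    """Return (line_no, reason, length) for each suspicious listing line."""
    findings = []
    for line_no, raw in enumerate(payload.split(b"\n"), 1):
        line = raw.rstrip(b"\r")
        if not line or line.lower().startswith(b"total "):
            continue
        name = extract_name(line)
        if name is None:
            # Unknown format: fall back to whole-line length so that an
            # unusual listing style cannot slip past the check.
            if len(line) > limit:
                findings.append((line_no, "unparsed-long-line", len(line)))
        elif len(name) > limit:
            findings.append((line_no, "long-filename", len(name)))
    return findings

# Constructed sample data-channel payload (filler bytes only).
SAMPLE_LISTING = (
    b"drwxr-xr-x   2 ftp      ftp          4096 Oct 12  2010 pub\r\n"
    b"-rw-r--r--   1 ftp      ftp          1024 Oct 12 09:15 readme.txt\r\n"
    b"-rw-r--r--   1 ftp      ftp             0 Oct 12 09:15 " + b"A" * 1200 + b"\r\n"
    b"10-12-10  09:15AM       <DIR>          docs\r\n"
    + b"X" * 600 + b"\r\n")

if __name__ == "__main__":
    for finding in scan_list_reply(SAMPLE_LISTING):
        print(finding)
```

The same length check can be applied to reassembled passive-mode or active-mode data streams from a network sensor or an FTP proxy log.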
References
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/odin_list_reply.rb
- https://web.archive.org/web/20111007123101/http://odinshare.com/secure-ftp-expert.html
- https://web.archive.org/web/20111016194057/https://www.corelan.be/index.php/2010/10/12/death-of-an-ftp-client/
- https://www.exploit-db.com/exploits/16716
- https://www.vulncheck.com/advisories/odin-secure-ftp-stack-buffer-overflow-via-list-response