Over_G

**Name of the Vulnerable Software and Affected Versions** 3D-FTP client version 4.0 **Description** A buffer overflow issue exists, allowing remote FTP servers to potentially cause a denial of service (crash) and possibly execute arbitrary code by sending a long banner. **Recommendations** For version 4.0, consider updating to a newer version that addresses this issue, if available. As a temporary workaround, restrict access to untrusted FTP servers to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: BLNews version 2.1.3 Description: The issue allows remote attackers to execute arbitrary PHP code via a `Server[path]` parameter that points to malicious code on an attacker-controlled web site. This is related to the `objects.inc.php4` file. Recommendations: For BLNews version 2.1.3, consider restricting access to the `objects.inc.php4` file to minimize the risk of exploitation. Avoid using the `Server[path]` parameter in a way that could allow execution of malicious code until a fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.