CVE-2006-3768

Name of the Vulnerable Software and Affected Versions FileCOPA FTP Server version 1.01

Description The issue is related to an integer underflow in the filecpnt.exe component, allowing remote authenticated users to execute arbitrary code. This is achieved by providing a long argument to certain commands, which triggers a stack-based buffer overflow. The affected commands include CWD, DELE, MDTM, and MKD.

Recommendations For FileCOPA FTP Server version 1.01, update to a version released after 2006-07-21 to resolve the issue. As a temporary workaround, consider restricting access to the CWD, DELE, MDTM, and MKD commands until a patch is available.