PT-2003-2264 · Smartftp · Smartftp

Published

2003-12-31

Updated

2017-07-29

CVE-2003-1319

CVSS v2.0

7.6

High

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions SmartFTP versions 1.0.973 through 1.0.975

Description The issue is caused by multiple buffer overflows that allow remote attackers to execute arbitrary code. This can be achieved via a long response to a PWD command, which triggers a stack-based overflow, or a long line in a response to a file LIST command, which triggers a heap-based overflow.

Recommendations For SmartFTP versions 1.0.973 through 1.0.975, update to version 1.0.976 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-1319

Affected Products

Smartftp

PT-2003-2264 · Smartftp · Smartftp

CVE-2003-1319

Related Identifiers

Affected Products

References · 9