CVE-2006-2961

Name of the Vulnerable Software and Affected Versions CesarFTP versions 0.99g and earlier

Description The issue is caused by a boundary error in handling the MKD command, leading to a stack-based buffer overflow. This can cause a denial of service, resulting in an application crash, and potentially allow remote attackers to execute arbitrary code. The estimated number of potentially affected devices worldwide is not available.

Recommendations For CesarFTP versions 0.99g and earlier, consider restricting access to the MKD command as a temporary workaround until a patch is available. Avoid using long MKD commands in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.