CVE-2011-3976

Name of the Vulnerable Software and Affected Versions AmmSoft ScriptFTP version 3.3

Description The issue is a stack-based buffer overflow that allows remote FTP servers to execute arbitrary code. This can occur when a long filename is received in response to a LIST command. The exploitation can be demonstrated using commands such as GETLIST or GETFILE in a ScriptFTP script.

Recommendations For AmmSoft ScriptFTP version 3.3, consider avoiding the use of GETLIST or GETFILE commands until a patch is available. As a temporary workaround, restrict access to untrusted FTP servers to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.