vendor:
LeapFTP
by:
SecurityFocus
7.5
CVSS
HIGH
Buffer Overflow
120
CWE
Product Name: LeapFTP
Affected Version From: Prior to 2.7.6.612
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: a:leapware:leapftp
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005
LeapFTP Client Remote Buffer Overflow Vulnerability
LeapFTP client is prone to a remote buffer overflow vulnerability. The issue arises when the client handles a malformed LeapFTP Site Queue (.lsq) file. A remote attacker may gain unauthorized access in the context of the user running the application.
Mitigation:
Upgrade to LeapFTP version 2.7.6.612 or later.