vendor:
PFTP Server
by:
Robbie Corley
N/A
CVSS
N/A
SEH based buffer overflow
CWE
Product Name: PFTP Server
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: Windows 7 64-bit
2015
PFTP Server 8.0f (lite) SEH bypass technique tested on Win7x64
There is a textfield within the program that asks for IPs to be blocked against the FTP server that is vulnerable to an SEH based buffer overflow.
Mitigation:
Manually adding an exception to ASLR in the registry