CVE-2017-6465

Remote Code Execution was discovered in FTPShell Client 6.53. By default, the client sends a PWD command to the FTP server it is connecting to; however, it doesn't check the response's length, leading to a buffer overflow situation.
References
Link Resource
http://packetstormsecurity.com/files/141456/FTPShell-Client-6.53-Buffer-Overflow.html Exploit Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/96570 Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/41511/ Exploit Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:ftpshell:ftpshell_client:6.53:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-03-10 01:59

Updated : 2024-02-04 19:11


NVD link : CVE-2017-6465

Mitre link : CVE-2017-6465

CVE.ORG link : CVE-2017-6465


JSON object : View

Products Affected

ftpshell

  • ftpshell_client
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer