Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Odin Secure FTP Stack-Based Buffer Overflow Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A stack-based buffer overflow vulnerability has been identified in Odin Secure FTP versions through 4.1. This issue arises when the client processes directory listings received in response to an FTP LIST command. A malicious FTP server can exploit this vulnerability by sending an excessively long filename, which overflows a fixed-size stack buffer in the client. This overflow overwrites the Structured Exception Handler (SEH) record, potentially allowing remote attackers to execute arbitrary code on the affected system.
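A bounded way for a client to pull the filename out of a LIST line, added here as an illustration and not Odin Secure FTP's own code. The 256-byte buffer, the Unix-style nine-column listing format and all function names are assumptions, since the advisory specifies none of them.

```c
#include <stddef.h>
#include <string.h>

#define NAME_BUF 256  /* assumed size; the advisory does not state the real buffer size */

/* Hypothetical helper: return a pointer to the 9th whitespace-separated field
 * (the filename in a Unix-style listing), or NULL if the line is too short. */
static const char *list_name_field(const char *line)
{
    int field = 0;
    const char *p = line;
    while (*p) {
        while (*p == ' ' || *p == '\t') p++;        /* skip separators */
        if (!*p) break;
        if (++field == 9) return p;                 /* rest of line is the name */
        while (*p && *p != ' ' && *p != '\t') p++;  /* skip this field */
    }
    return NULL;
}

/* Copy the filename into out (capacity out_sz). Returns 0 on success, -1 if the
 * line is malformed, -2 if the name does not fit: rejected, never written past out. */
int parse_list_name(const char *line, char *out, size_t out_sz)
{
    const char *name; size_t len;
    if (!line || !out || out_sz == 0) return -1;
    name = list_name_field(line);
    if (!name) return -1;
    len = strcspn(name, "\r\n");          /* length is measured before any copy */
    if (len == 0) return -1;
    if (len >= out_sz) return -2;         /* server-controlled length vs. fixed buffer */
    memcpy(out, name, len);
    out[len] = '\0';
    return 0;
}

/* Constructed sample: a listing line whose name is name_len 'A' bytes, parsed into a stack buffer. */
int demo_parse(size_t name_len)
{
    char line[1024] = "-rw-r--r-- 1 ftp ftp 0 Jan 01 00:00 ";
    char name[NAME_BUF];
    size_t base = strlen(line);
    if (base + name_len + 3 > sizeof line) return -1;
    memset(line + base, 'A', name_len);
    memcpy(line + base + name_len, "\r\n", 3);
    return parse_list_name(line, name, sizeof name);
}
```

The key property is that the length of the server-supplied name is checked against the destination size before the copy, so an oversized entry is rejected with an error instead of reaching the saved SEH record.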

Impact

Exploitation of this vulnerability leads to a stack-based buffer overflow, allowing for arbitrary code execution on the client system.

Reproduction

The vulnerability can be reproduced by using an FTP server to send a directory listing response that includes a filename longer than what the client can safely process. This can be done by using the Metasploit Framework's FTP fuzzer module to automate the process of sending long filenames in response to FTP commands.

Added: Aug 20, 2025, 4:41 PM
Updated: Aug 20, 2025, 4:41 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 9.1
remediation: 0.0
relevance: 0.4
threat: 9.3
urgency: 2.9
incentive: 5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.