freeFTPd
cpe:2.3:a:freeftpd:freeftpd:*:*:*:*:*:*:*
- <= 1.0.10
This vulnerability is being actively exploited in the wild.
A stack-based buffer overflow vulnerability has been identified in freeFTPd versions through 1.0.10. The issue arises in the FTP PASS command processing, where the application fails to properly validate the length of user-supplied password strings. This lack of input validation can lead to memory corruption, potentially causing a denial-of-service condition or allowing arbitrary code execution. Exploitation of this vulnerability requires the anonymous user account to be enabled.
Exploitation of this vulnerability can cause a stack-based buffer overflow, leading to memory corruption. This allows for arbitrary code execution or the creation of a denial-of-service condition.
The vulnerability can be reproduced by sending a specially crafted password string through the FTP PASS command. This can be done using an FTP client or a custom script that connects to the freeFTPd server with an anonymous account. The crafted password should be designed to exceed the buffer limit, causing a stack-based overflow.
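For detection, the condition described above (an oversized PASS argument, typically after an anonymous login) can be checked on the FTP control channel. The following is an added example, not code from freeFTPd or from this advisory: it scans a reassembled client-to-server command stream and reports overlong PASS arguments. The 128-byte limit, the function name and the sample sessions are assumptions constructed for illustration; the advisory does not state the buffer size.

```python
import re

# Assumed policy limit: the advisory gives no buffer size, so this is simply
# far above any plausible real password or anonymous e-mail string.
MAX_PASS_LEN = 128

# One FTP command per line: a 3-4 letter verb, optionally followed by an argument.
_CMD = re.compile(rb"^([A-Za-z]{3,4})(?: (.*))?$")


def scan_control_stream(data: bytes, max_len: int = MAX_PASS_LEN) -> list:
    """Return findings for one reassembled client-to-server FTP control stream."""
    findings = []
    user = None
    for lineno, raw in enumerate(data.split(b"\n"), 1):
        m = _CMD.match(raw.rstrip(b"\r"))
        if not m:
            continue
        verb = m.group(1).upper()      # FTP verbs are case-insensitive
        arg = m.group(2) or b""
        if verb == b"USER":
            user = arg.decode("latin-1").strip().lower()
        elif verb == b"PASS" and len(arg) > max_len:
            findings.append({
                "line": lineno,
                "user": user,
                "pass_len": len(arg),
                # The advisory says the anonymous account must be enabled,
                # so anonymous sessions are the ones to prioritise.
                "anonymous": user == "anonymous",
            })
    return findings


# Constructed sample sessions (not captured traffic).
SAMPLE_BENIGN = b"USER anonymous\r\nPASS guest@example.com\r\nQUIT\r\n"
SAMPLE_OVERLONG = b"USER anonymous\r\npass " + b"x" * 600 + b"\r\n"

if __name__ == "__main__":
    for name, stream in (("benign", SAMPLE_BENIGN), ("overlong", SAMPLE_OVERLONG)):
        print(name, scan_control_stream(stream))
```

The same length check can be enforced inline by an FTP-aware proxy or IDS rule in front of affected servers.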