Konica Minolta FTP Utility Buffer Overflow Vulnerability in LIST Command Allowing Denial-of-Service

Vulnerability

A buffer overflow vulnerability has been identified in Konica Minolta FTP Utility version 1.0. The issue arises in the LIST command: when an attacker sends it with an oversized buffer of 1500 'A' characters, the overflow overwrites system registers, crashes the FTP server, and potentially allows for unauthorized code execution.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition on the FTP server, causing it to crash. Additionally, the buffer overflow allows for overwriting of system registers, which could be leveraged to execute unauthorized code. According to the vulnerability advisory, this could be developed into a remote buffer overflow exploit that gains root access on the system without user interaction.

Reproduction

The vulnerability can be reproduced by using an FTP client to connect to the vulnerable FTP server running Konica Minolta FTP Utility 1.0 on Windows. After logging in, the LIST command can be issued with a buffer of 1500 'A' characters. This will overwrite registers such as EAX, ESI, and EDI, crash the FTP server, and demonstrate the potential for unauthorized code execution.
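
For detection, the added example below (not part of the advisory or of any vendor code) flags FTP control-channel lines whose LIST argument is abnormally long and dominated by a single repeated byte, which is the traffic pattern described above. The 512-byte threshold, the 0.9 filler ratio, the function names and the sample lines are assumptions constructed for illustration.

```python
import re

# Assumed threshold: legitimate LIST paths are far shorter than this.
MAX_ARG_LEN = 512
# Assumed ratio: share of the argument taken by its most common byte
# at or above which the argument is treated as filler padding.
FILLER_RATIO = 0.9

# FTP verb (3-4 letters), optionally followed by a space and an argument.
CMD_RE = re.compile(rb"^([A-Za-z]{3,4})(?: (.*))?$")


def inspect_command(line: bytes):
    """Return a finding dict for an oversized LIST line, else None."""
    line = line.rstrip(b"\r\n")
    m = CMD_RE.match(line)
    if not m:
        return None
    verb = m.group(1).upper().decode("ascii")
    arg = m.group(2) or b""
    if verb != "LIST" or len(arg) <= MAX_ARG_LEN:
        return None
    # Count of the single most frequent byte value in the argument.
    top = max(arg.count(bytes([b])) for b in set(arg))
    return {
        "verb": verb,
        "arg_len": len(arg),
        "filler": top / len(arg) >= FILLER_RATIO,
    }


def scan(lines):
    """Inspect every control-channel line and keep only the findings."""
    return [f for f in (inspect_command(l) for l in lines) if f]


# Constructed sample of client-to-server control-channel lines.
SAMPLE = [
    b"USER anonymous\r\n",
    b"PASS guest@example.invalid\r\n",
    b"LIST /pub/scans\r\n",
    b"LIST " + b"A" * 1500 + b"\r\n",
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

The same length check can be enforced inline by an FTP-aware proxy or IDS rule placed in front of hosts that still run the utility.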

Added: Feb 3, 2026, 10:52 PM
Updated: Feb 3, 2026, 10:52 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 8.7
remediation: 0.0
relevance: 2.5
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.