Primary

Context

Core FTP Lite Buffer Overflow Vulnerability Leading to Denial-of-Service

Vulnerability

A buffer overflow vulnerability has been identified in Core FTP Lite version 1.3, specifically in the username input field. This vulnerability allows attackers to crash the application by entering excessively large input. By using a payload of 7000 bytes composed of repeated 'A' characters, the application can be made to crash without any further user interaction.

Impact

Exploitation of this vulnerability causes a denial-of-service condition by crashing the application.

Reproduction

The vulnerability can be reproduced by entering 7000 bytes of repeated 'A' characters into the username field of Core FTP Lite version 1.3. This input size exceeds the buffer capacity, leading to a crash of the application.

Added: Feb 7, 2026, 12:31 AM

Updated: Feb 7, 2026, 12:31 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.6

remediation

0.0

relevance

2.6

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.6

remediation

0.0

relevance

2.6

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Core FTP Lite Buffer Overflow Vulnerability Leading to Denial-of-Service

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating