PCMan FTP Server Buffer Overflow Vulnerability in MPUT Command Handler

Vulnerability

A critical buffer overflow vulnerability has been identified in PCMan FTP Server version 2.0.7. The flaw is in the MPUT command handler, which does not properly validate the size of input buffers before copying them to output buffers. It can be triggered remotely by sending excessive data through the MPUT command. The flaw has been publicly disclosed, and an exploit is available.
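
The class of defect described above, shown as an added example beside a bounds-checked form. This is not PCMan's source code and not part of the original advisory. The function names, the 256-byte buffer size and the choice of reply codes are assumptions made for illustration.

```c
#include <stdlib.h>
#include <string.h>

#define PATH_BUF 256  /* assumed size of the handler's fixed buffer */

/* Unsafe pattern (hypothetical): the length is never checked before the copy. */
int handle_mput_unsafe(const char *arg, char *out /* PATH_BUF bytes */)
{
    strcpy(out, arg);  /* overruns out when strlen(arg) >= PATH_BUF */
    return 200;
}

/* Hardened pattern: measure the argument, refuse anything that does not fit,
 * then copy a known-safe number of bytes. Returns an FTP reply code. */
int handle_mput_checked(const char *line, char *out, size_t out_size)
{
    static const char verb[] = "MPUT ";
    const size_t verb_len = sizeof(verb) - 1;
    if (!line || !out || out_size == 0 || strncmp(line, verb, verb_len) != 0)
        return 500;                          /* not this handler's command */
    const char *arg = line + verb_len;
    size_t arg_len = strcspn(arg, "\r\n");   /* argument ends at CRLF */
    if (arg_len == 0 || arg_len >= out_size)
        return 501;                          /* empty or too long: reject, never truncate */
    memcpy(out, arg, arg_len);
    out[arg_len] = '\0';
    return 200;
}

/* Builds "MPUT " + n filler bytes + CRLF (constructed input), returns the reply. */
int reply_for_arg_len(size_t n)
{
    char out[PATH_BUF];
    char *line = malloc(5 + n + 3);
    if (line == NULL)
        return -1;
    memcpy(line, "MPUT ", 5);
    memset(line + 5, 'A', n);
    memcpy(line + 5 + n, "\r\n", 3);         /* CRLF plus terminating NUL */
    int code = handle_mput_checked(line, out, sizeof out);
    free(line);
    return code;
}

int main(void)
{
    return reply_for_arg_len(255) == 200 && reply_for_arg_len(2000) == 501 ? 0 : 1;
}
```

Rejecting an oversized argument with an error reply, rather than silently truncating it, keeps the handler from acting on a path the client did not send.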

Impact

Exploitation of this vulnerability leads to a buffer overflow, allowing for remote code execution on the affected system.

Reproduction

The vulnerability can be reproduced by sending an excessive amount of data through the 'MPUT' command. This causes the application to crash, indicating a buffer overflow condition. The offset for the exploit can be determined using tools like 'msf-pattern_create' and 'msf-pattern_offset'. After identifying the offset, the exploit can be crafted by injecting payloads, such as a reverse shell, into the application.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 1.0
impact: 10.0
exploitability: 9.7
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.