Primary

Context

PCMan FTP Server Buffer Overflow Vulnerability in ASCII Command Handler

Vulnerability

A critical buffer overflow vulnerability has been identified in PCMan FTP Server versions through 2.0.7. This issue arises in the ASCII Command Handler component, allowing remote attackers to manipulate the server's memory and potentially execute arbitrary code.

Impact

Exploitation of this vulnerability leads to a buffer overflow, which can commonly result in arbitrary code execution on the affected system.

Reproduction

The vulnerability can be reproduced by sending a crafted payload through the ASCII command after authenticating with the FTP server. The payload must be carefully crafted to exploit the buffer overflow by overwriting the return address with a location that executes the attacker's code.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

7.5

exploitability

9.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

7.5

exploitability

9.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

PCMan FTP Server Buffer Overflow Vulnerability in ASCII Command Handler

Vulnerability

Impact

Reproduction

Affected Products

PCMan FTP Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating