PCMan FTP Server Buffer Overflow Vulnerability in RMDIR Command Handler

A critical buffer overflow vulnerability has been identified in PCMan FTP Server version 2.0.7. This issue arises from the RMDIR Command Handler, where the server improperly processes input, allowing for a buffer overflow that can be exploited remotely. The vulnerability does not require authentication.

Impact

Exploitation of this vulnerability leads to a buffer overflow, which can commonly result in arbitrary code execution or causing a crash, disrupting the service.

Reproduction

The vulnerability can be reproduced by sending a crafted RMDIR command that includes a payload designed to overflow the buffer. This can be done using a FTP client or a script that automates the process. The payload should be carefully crafted to include the exploit, such as a reverse shell, and must be aligned to overwrite the return address with a location that executes the payload.