FreeFloat FTP Server Buffer Overflow Vulnerability in GLOB Command Handler

A critical buffer overflow vulnerability has been identified in FreeFloat FTP Server version 1.0, specifically within the GLOB Command Handler component. This vulnerability can be exploited remotely, allowing attackers to manipulate the server and potentially execute arbitrary code.

Impact

Exploitation of this vulnerability leads to a buffer overflow, which can commonly result in arbitrary code execution on the affected system.

Reproduction

The vulnerability can be reproduced by sending a crafted payload that exploits the buffer overflow in the GLOB command. This can be done using a Perl script that connects to the FTP server, authenticates with anonymous credentials, and then sends the GLOB command with the payload. The payload should be carefully crafted to include the necessary offset to overwrite the return address and execute the injected code.