FreeFloat FTP Server Buffer Overflow Vulnerability in MPUT Command Handler

Vulnerability

A critical buffer overflow vulnerability has been identified in FreeFloat FTP Server version 1.0. The issue is in the MPUT Command Handler, where the application improperly handles input buffer sizes, allowing remote exploitation. The vulnerability has been publicly disclosed, and a proof-of-concept exploit is available.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution, allowing an attacker to gain a remote shell on the affected system.

Reproduction

The vulnerability can be reproduced by sending an excessive amount of data through the 'MPUT' command. The oversized input crashes the application, which indicates a buffer overflow condition. The offset for the buffer overflow can be determined using tools like 'msf-pattern-create' and 'msf-pattern-offset'. After identifying the correct offset, the exploit can be crafted by inserting a payload that includes a 'JMP ESP' instruction to redirect execution flow, followed by shellcode generated with 'msfvenom'.
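
A defender-side check for the traffic described above, as an added example that is not part of the original advisory: it inspects FTP control-channel lines and flags overlong arguments, Metasploit-style cyclic patterns and non-printable bytes. The 512-byte limit, the finding names and the sample lines are assumptions constructed for illustration.

```python
import re

# Assumption: 512 bytes is a generous ceiling for a legitimate FTP command
# argument; RFC 959 sets no limit, so tune this to your environment.
MAX_ARG_LEN = 512
# Metasploit-style cyclic pattern: runs of Upper/lower/digit triples (Aa0Aa1Aa2...).
CYCLIC_RE = re.compile(rb"(?:[A-Z][a-z][0-9]){8,}")
# FTP control line: a 3-4 letter verb, then an optional space-separated argument.
LINE_RE = re.compile(rb"([A-Za-z]{3,4})(?: (.*))?", re.DOTALL)

def inspect_line(line: bytes) -> list[str]:
    """Return findings for one client-to-server FTP control-channel line."""
    m = LINE_RE.fullmatch(line.rstrip(b"\r\n"))
    if m is None:
        return ["malformed-command"]
    arg = m.group(2) or b""
    findings = []
    if len(arg) > MAX_ARG_LEN:
        findings.append("oversize-argument")
    if CYCLIC_RE.search(arg):
        findings.append("cyclic-pattern")
    if any(b < 0x20 or b > 0x7E for b in arg):
        findings.append("non-printable-bytes")
    return findings

def scan(lines: list[bytes]) -> list[tuple[int, str, list[str]]]:
    """Return (line index, verb, findings) for every suspicious line."""
    hits = []
    for i, line in enumerate(lines):
        findings = inspect_line(line)
        if findings:
            verb = line.split(b" ", 1)[0].strip().decode("ascii", "replace").upper()
            hits.append((i, verb[:8], findings))
    return hits

# Constructed sample traffic (not captured from a real server).
SAMPLE = [
    b"USER anonymous\r\n",
    b"MPUT *.txt\r\n",
    b"MPUT " + b"A" * 1000 + b"\r\n",
    b"MPUT Aa0Aa1Aa2Aa3Aa4Aa5Aa6Aa7Aa8Aa9Ab0Ab1\r\n",
    b"MPUT " + b"A" * 600 + b"\xde\xad\xbe\xef\r\n",
]

if __name__ == "__main__":
    for idx, verb, findings in scan(SAMPLE):
        print(f"line {idx}: {verb} -> {', '.join(findings)}")
```

The same checks can run over reassembled control-channel streams from a packet capture or in an inline proxy in front of the server.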

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 1.0
impact: 10.0
exploitability: 9.7
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.