Primary

Context

FreeFloat FTP Server Buffer Overflow Vulnerability in RECV Command Handler

Vulnerability

A critical buffer overflow vulnerability has been identified in FreeFloat FTP Server version 1.0. This issue arises in the RECV Command Handler, where the server improperly processes input, allowing for a buffer overflow. The vulnerability can be exploited remotely, without any authentication.

Impact

Exploitation of this vulnerability leads to a buffer overflow, which can commonly result in arbitrary code execution or causing the application to crash.

Reproduction

The vulnerability can be reproduced by sending an excessive amount of data through the 'RECV' command. This overload causes the application to crash, indicating a buffer overflow condition. After confirming the vulnerability, the offset for the overflow can be determined and exploited by injecting payloads, such as reverse shell commands, into the application.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

10.0

exploitability

9.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

10.0

exploitability

9.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

FreeFloat FTP Server Buffer Overflow Vulnerability in RECV Command Handler

Vulnerability

Impact

Reproduction

Affected Products

FreeFloat FTP Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating