Primary

Context

FreeFloat FTP Server Buffer Overflow Vulnerability in MDIR Command Handler

Vulnerability

A critical buffer overflow vulnerability has been identified in FreeFloat FTP Server version 1.0. The issue arises in the MDIR Command Handler, where an unknown functionality can be manipulated to cause a buffer overflow. This vulnerability can be exploited remotely, leading to potential arbitrary code execution.

Impact

Exploitation of this vulnerability allows for a remote buffer overflow, which could be used to execute arbitrary code on the affected system.

Reproduction

The vulnerability can be reproduced by sending an excessive amount of data through the 'mdir' command. This causes the application to crash, indicating a buffer overflow condition. After identifying the offset needed to overwrite the return address, the exploitation can be completed by injecting a payload, such as a reverse shell, into the overflowed buffer.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

10.0

exploitability

9.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

10.0

exploitability

9.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

FreeFloat FTP Server Buffer Overflow Vulnerability in MDIR Command Handler

Vulnerability

Impact

Reproduction

Affected Products

FreeFloat FTP Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating