FreeFloat FTP Server Buffer Overflow Vulnerability in GET Command Handler

Vulnerability

A critical buffer overflow vulnerability has been identified in FreeFloat FTP Server version 1.0.0. The issue lies in the GET command handler, where unspecified functionality can be manipulated, potentially allowing remote exploitation. The vulnerability has been publicly disclosed, and an exploit is available.

Impact

Exploitation of this vulnerability leads to a buffer overflow, which can commonly result in arbitrary code execution or a crash, depending on how the overflow is handled.

Reproduction

The vulnerability can be reproduced by sending a crafted payload that exploits the buffer overflow in the GET command. This can be done using a Perl script that establishes a TCP connection to the FTP server on port 21. The script should send the payload after the FTP authentication process. The payload must be carefully crafted to include the overflow data, the return address (pointing to a JMP ESP instruction in kernel32.dll), and the shellcode for a reverse shell.
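
For defenders, the sequence described above (login, then a GET command carrying an oversized argument) can be looked for in captured FTP control-channel traffic. The following is an added detection example, not code from the advisory or from FreeFloat; the function names, the 255-byte length threshold and the sample session are assumptions made for illustration.

```python
# Assumed threshold for this example; tune it to the clients you actually see.
MAX_ARG_LEN = 255        # longest argument treated as plausible (assumption)
WATCHED = {b"GET"}       # the command verb the advisory names

def parse_line(raw: bytes):
    """Split one client control-channel line into (VERB, argument)."""
    verb, _, arg = raw.rstrip(b"\r\n").partition(b" ")
    return verb.upper(), arg

def inspect_session(lines):
    """Return (line_no, verb, after_login, reasons) for suspicious commands.

    USER/PASS are tracked so each finding records whether it arrived after
    the login exchange, the point at which the advisory says the payload is
    sent. Server replies are not parsed, so after_login means "PASS was
    sent", not "login succeeded".
    """
    seen_user = seen_pass = False
    findings = []
    for no, raw in enumerate(lines, 1):
        verb, arg = parse_line(raw)
        if verb == b"USER":
            seen_user = True
        elif verb == b"PASS" and seen_user:
            seen_pass = True
        elif verb in WATCHED:
            reasons = []
            if len(arg) > MAX_ARG_LEN:
                reasons.append(f"argument length {len(arg)} > {MAX_ARG_LEN}")
            # Heuristic: flags anything outside printable ASCII, so UTF-8
            # file names would also match.
            if any(b < 0x20 or b > 0x7E for b in arg):
                reasons.append("non-printable bytes in argument")
            if reasons:
                findings.append((no, verb.decode(), seen_pass, reasons))
    return findings

# Constructed sample session (client lines only); filler bytes, not a payload.
SAMPLE = [
    b"USER anonymous\r\n",
    b"PASS guest@example.com\r\n",
    b"GET readme.txt\r\n",
    b"GET " + b"A" * 600 + b"\r\n",
    b"GET report\xfe\xff.bin\r\n",
]

if __name__ == "__main__":
    for no, verb, after_login, reasons in inspect_session(SAMPLE):
        print(f"line {no}: {verb} after_login={after_login}: " + "; ".join(reasons))
```

Findings are reported whether or not the login exchange was seen, so a GET sent before authentication is still surfaced with after_login set to False.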

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 1.0
impact: 10.0
exploitability: 9.7
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.