PCMan FTP Server Buffer Overflow Vulnerability in SYSTEM Command Handler

Vulnerability

A critical buffer overflow vulnerability has been identified in PCMan FTP Server version 2.0.7. The issue arises in an unknown function of the SYSTEM Command Handler component, allowing remote exploitation. The vulnerability was disclosed publicly and is actively being exploited.

Impact

Exploitation of this vulnerability leads to a buffer overflow, allowing for arbitrary code execution. In this case, the exploitation was demonstrated by executing a reverse shell payload, providing the attacker with remote access to the affected system.

Reproduction

The vulnerability can be reproduced by sending an excessive amount of data through the 'SYSTEM' command, which causes the application to crash, indicating a buffer overflow. After confirming the vulnerability, the exploitation involves overwriting the Extended Instruction Pointer (EIP) with a return address that points to a payload, such as a reverse shell, which is then executed with the privileges of the FTP server process.
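
A defender-side check for the trigger condition described above, as an added example that is not part of the original advisory: it scans a captured FTP control-channel byte stream for 'SYSTEM' commands whose argument is oversized or contains non-printable bytes. The 256-byte limit, the function name and the sample stream are assumptions constructed for illustration; the advisory does not state the length that triggers the crash.

```python
import re

# Assumed policy value: the advisory gives no crash length, so tune this limit
# for the environment being monitored.
MAX_ARG_LEN = 256
WATCHED_VERBS = {b"SYSTEM"}  # the command named in the advisory

# An FTP command line is a short alphabetic verb, optionally followed by a
# space and an argument.
VERB_RE = re.compile(rb"^([A-Za-z]{3,8})(?: (.*))?$", re.DOTALL)


def inspect_control_stream(data: bytes, max_arg_len: int = MAX_ARG_LEN):
    """Return (verb, arg_len, reason) findings for one client's command stream."""
    findings = []
    # Commands are CRLF-terminated; tolerate bare LF and an unterminated tail.
    for raw in data.replace(b"\r\n", b"\n").split(b"\n"):
        m = VERB_RE.match(raw)
        if not m:
            continue
        verb = m.group(1).upper()  # FTP verbs are case-insensitive
        arg = m.group(2) or b""
        if verb not in WATCHED_VERBS:
            continue
        if len(arg) > max_arg_len:
            findings.append((verb.decode(), len(arg), "argument exceeds length limit"))
        elif any(b < 0x20 or b > 0x7E for b in arg):
            findings.append((verb.decode(), len(arg), "non-printable bytes in argument"))
    return findings


# Constructed sample traffic (not captured from a real host).
SAMPLE = (
    b"USER anonymous\r\n"
    b"PASS guest@example.invalid\r\n"
    b"SYSTEM\r\n"
    b"SYSTEM " + b"A" * 3000 + b"\r\n"
    b"system \x01\x02\xff"  # lowercase verb, no line terminator
)

if __name__ == "__main__":
    for verb, length, reason in inspect_control_stream(SAMPLE):
        print(f"ALERT {verb} arg_len={length}: {reason}")
```

The same length test can be expressed as a rule in a network IDS or an FTP-aware proxy placed in front of the server.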

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 1.0
impact: 10.0
exploitability: 9.7
remediation: 0.0
relevance: 0.2
threat: 6.4
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.