FreeFloat FTP Server Buffer Overflow Vulnerability in RESTART Command Handler

Vulnerability

A critical buffer overflow vulnerability has been identified in FreeFloat FTP Server version 1.0. The flaw lies in unspecified processing within the RESTART command handler: a remote attacker can send a manipulated command and cause a buffer overflow. No authentication is required, and an exploit is publicly available.

Impact

Exploitation of this vulnerability leads to a buffer overflow, allowing for arbitrary code execution. Successful exploitation has been demonstrated to provide a reverse shell on the affected system, with the attacker's commands executed under the privileges of the vulnerable process.

Reproduction

The vulnerability can be reproduced by sending an excessive amount of data through the 'RESTART' command. The input exceeds the application's buffer capacity and crashes the server, which indicates a buffer overflow condition. After the vulnerability is confirmed, exploitation involves calculating the precise offset needed to overwrite the Extended Instruction Pointer (EIP) and redirecting execution to a payload, for example a reverse shell.
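
A detection check for the condition described above, as an added example that is not part of the original advisory: it scans FTP control-channel lines and flags restart commands whose argument is oversized or not a decimal offset. The verb list (REST is the RFC 959 name, RESTART is the advisory's spelling), the 32-byte limit, the function names and the sample lines are assumptions made for illustration.

```python
import re

# Verbs to watch: REST is the RFC 959 name of the restart command; RESTART is
# the spelling the advisory uses. Both are matched case-insensitively.
RESTART_VERBS = {"REST", "RESTART"}
# Assumed limit: a stream-mode restart marker is a decimal byte offset, so a
# few dozen bytes is already generous. Tune for your environment.
MAX_ARG_LEN = 32
DECIMAL = re.compile(rb"[0-9]+")


def check_line(raw: bytes):
    """Return None if the line is fine, else a short reason string."""
    line = raw.rstrip(b"\r\n")
    verb, _, arg = line.partition(b" ")
    if verb.decode("ascii", "replace").upper() not in RESTART_VERBS:
        return None
    if len(arg) > MAX_ARG_LEN:
        return f"oversized argument ({len(arg)} bytes)"
    if not DECIMAL.fullmatch(arg):
        return "non-numeric restart marker"
    return None


def scan(session):
    """session: iterable of (source_ip, raw_line). Returns list of alerts.

    Login state is deliberately ignored: the advisory says the flaw is
    reachable without authentication, so every line is inspected.
    """
    alerts = []
    for src, raw in session:
        reason = check_line(raw)
        if reason:
            alerts.append((src, reason))
    return alerts


# Constructed sample control-channel lines (not captured traffic).
SAMPLE = [
    ("192.0.2.10", b"USER anonymous\r\n"),
    ("192.0.2.10", b"REST 1048576\r\n"),
    ("198.51.100.7", b"REST " + b"A" * 1000 + b"\r\n"),
    ("198.51.100.7", b"rest abc\r\n"),
]

if __name__ == "__main__":
    for src, reason in scan(SAMPLE):
        print(f"ALERT {src}: {reason}")
```

The same two conditions (argument length and non-decimal content) can be carried into a network IDS rule or a filtering proxy in front of the server.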

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 1.0
impact: 10.0
exploitability: 9.7
remediation: 0.0
relevance: 0.1
threat: 6.4
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.