An internal memory buffer may be overrun while handling long "USER" command. This condition may be exploited by attackers to ultimately execute instructions with the privileges of the NetTerm NetFTPD.exe process. FreeFTPD will be left inaccessible after successful exploitation.
CVE Link
Exploit Platform
Product Name