This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing Free Download Manager Control Server. The vulnerability is caused due to a boundary error within Free Download Manager Control Server when processing HTTP GET Request. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command.
An internal memory buffer may be overrun while handling long "USER" command. This condition may be exploited by attackers to ultimately execute instructions with the privileges of the FreeFTPdService.exe process. FreeFTPD will be left inaccessible after successful exploitation.
An internal memory buffer may be overrun while handling long "PASS" command. This condition may be exploited by attackers to ultimately execute instructions with the privileges of the FreeFTPdService.exe process. FreeFTPD will be left inaccessible after successful exploitation.
There is a vulnerability in the message dispatcher used by FSSO Windows Active Directory and FSSO Novell eDirectory The software installs a service which by default listens on port 8000 TCP. By sending a specially crafted packet it is possible to trigger a stack based buffer overflow which allows execution of arbitrary code with the privileges of the FSSO user, which is generally a Windows AD domain user
Subscribe to Windows