sharedholder
03-25-2004, 01:54 PM
Buffer-overrun vulnerability in WS_FTP Pro or ( get Filezilla cause its better :lol: )
John Layman discovered that a buffer-overrun vulnerability in WS_FTP Pro 8.02 and earlier can cause arbitrary code execution on the vulnerable system. If an attacker sends an ASCII mode directory data file that exceeds 260 bytes, and the file isn't terminated by a carriage return/line feed (CRLF), a buffer overrun results. WS_FTP Pro 8.03 isn't vulnerable to the buffer-overrun condition, so users should consider upgrading to version 8.03.
SOURCE (http://www.winnetmag.com/WindowsSecurity/Article/ArticleID/42098/WindowsSecurity_42098.html)
John Layman discovered that a buffer-overrun vulnerability in WS_FTP Pro 8.02 and earlier can cause arbitrary code execution on the vulnerable system. If an attacker sends an ASCII mode directory data file that exceeds 260 bytes, and the file isn't terminated by a carriage return/line feed (CRLF), a buffer overrun results. WS_FTP Pro 8.03 isn't vulnerable to the buffer-overrun condition, so users should consider upgrading to version 8.03.
SOURCE (http://www.winnetmag.com/WindowsSecurity/Article/ArticleID/42098/WindowsSecurity_42098.html)