Buffer-overrun vulnerability in WS_FTP Pro or ( get Filezilla cause its better :lol: )



John Layman discovered that a buffer-overrun vulnerability in WS_FTP Pro 8.02 and earlier can cause arbitrary code execution on the vulnerable system. If an attacker sends an ASCII mode directory data file that exceeds 260 bytes, and the file isn't terminated by a carriage return/line feed (CRLF), a buffer overrun results. WS_FTP Pro 8.03 isn't vulnerable to the buffer-overrun condition, so users should consider upgrading to version 8.03.


SOURCE (http://www.winnetmag.com/WindowsSecurity/Article/ArticleID/42098/WindowsSecurity_42098.html)

SH thanks for the info and the heads up. I updated the software and I also downloaded FileZilla, that program is TIGHT. I see myself switch over as soon as I get all my ftp sites configured in FileZilla

Interesting.

This is not their 1st flaw.

hi shn

i hope u enjoy'd had a good one.

I tried sayin' earlier everything post i try today i'm gettin anti spam crap.So fuck it.

well that migh explain somethings :).
but anyways i updated long ago...

Buffer overflows are the first thing they teach you in a programming class.

And get LeechFTP, it owns FileZilla. :P

i never got a programming class,all i learned was purely from mysqelf (and with google)