Published: 10/03/2017 Updated: 14/03/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Remote Code Execution exists in FTPShell Client 6.53. By default, the client sends a PWD command to the FTP server it is connecting to; however, it doesn't check the response's length, leading to a buffer overflow situation.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ftpshell ftpshell client 6.53

# Exploit Title: FTPShell Client 653 buffer overflow on making initial connection # Date: 2017-03-04 # Exploit Author: Peter Baris # Vendor Homepage: wwwsaptech-erpcomau # Software Link: wwwftpshellcom/downloadclienthtm # Version: Windows Server 2008 R2 x64 # Tested on: Windows Server 2008 R2 Standard x64 # CVE: CVE-2017-6465 ...

FTPShell Client version 653 suffers from a buffer overflow vulnerability ...

FTPShell Client version 653 buffer overflow exploit written in python ...

CWE-119 https://www.exploit-db.com/exploits/41511/http://www.securityfocus.com/bid/96570 http://packetstormsecurity.com/files/141456/FTPShell-Client-6.53-Buffer-Overflow.html https://nvd.nist.gov https://www.exploit-db.com/exploits/41511/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-6465

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect