Published: 01/03/2018 Updated: 01/03/2019

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

An issue exists in FTPShell Client 6.7. A remote FTP server can send 400 characters of 'F' in conjunction with the FTP 220 response code to crash the application; after this overflow, one can run arbitrary code on the victim machine. This is similar to CVE-2009-3364 and CVE-2017-6465.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ftpshell ftpshell client 6.70

FTPShell Client version 67 suffers from a remote buffer overflow vulnerability ...

## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::TcpServer def initialize(info = {}) super(update_info(info, 'Name' => 'FTPShell ...

# -*- coding: utf-8 -*- # Exploit Title: FTPShell Client 67 - Remote Buffer Overflow # Date: 2018-01-03 # Exploit Author: Sebastián Castro @r4wd3r # Vendor Homepage: wwwftpshellcom/indexhtm # Software Link: wwwftpshellcom/downloadhtm # Version: 67 # Tested on: Windows Server 2008 R2 x64, Windows 7 SP1 x64, Windows XP SP3 x86 ...

CWE-119 https://cxsecurity.com/issue/WLB-2018030011 https://www.exploit-db.com/exploits/44596/https://www.exploit-db.com/exploits/44968/https://nvd.nist.gov https://packetstormsecurity.com/files/147524/FTPShell-Client-6.7-Buffer-Overflow.html https://www.exploit-db.com/exploits/44968/

CVE-2018-7573

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect