TurboSoft TurboFTP Server PORT Command Buffer Overflow

Added: 11/05/2012
BID: 55764
OSVDB: 85887

Background

TurboSoft TurboFTP Server is a Microsoft Windows-based file transfer server that provides FTP, FTP over SSL/TLS, and SFTP over SSH services.

Problem

TurboFTP Server 1.30.826 is vulnerable to a stack-based buffer overflow that could allow remote code execution. The vulnerability results from inadequate boundary checking during the parsing of an FTP PORT command. A remote authenticated attacker could trigger it by providing a specially crafted IP octet string, resulting in arbitrary code execution in the context of the affected server.
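
As an added illustration (not part of the original advisory and not TurboFTP's code), the C function below shows the kind of boundary checking a PORT argument needs: each of the six RFC 959 fields is limited to three digits and a value of 255 before anything is written to fixed-size storage. The name parse_port_arg and its signature are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical helper (not TurboFTP code): strictly parse the argument of
 * an FTP PORT command, "h1,h2,h3,h4,p1,p2" (RFC 959), into fixed-size
 * outputs. The caller is assumed to have stripped the trailing CRLF.
 * Returns 0 on success, -1 on any malformed input. */
int parse_port_arg(const char *arg, uint8_t ip[4], uint16_t *port)
{
    unsigned fields[6];
    size_t i = 0;

    /* Longest valid argument is "255,255,255,255,255,255" (23 bytes). */
    if (arg == NULL || strlen(arg) > 23)
        return -1;

    for (int f = 0; f < 6; f++) {
        unsigned value = 0;
        int digits = 0;

        /* Accept 1 to 3 decimal digits per field, nothing else. */
        while (arg[i] >= '0' && arg[i] <= '9') {
            if (++digits > 3)
                return -1;
            value = value * 10 + (unsigned)(arg[i] - '0');
            i++;
        }
        if (digits == 0 || value > 255)
            return -1;
        fields[f] = value;

        /* Fields are separated by one comma; the last must end the string. */
        if (f < 5) {
            if (arg[i] != ',')
                return -1;
            i++;
        } else if (arg[i] != '\0') {
            return -1;
        }
    }

    /* Outputs are written only after the whole argument has validated. */
    for (int f = 0; f < 4; f++)
        ip[f] = (uint8_t)fields[f];
    *port = (uint16_t)((fields[4] << 8) | fields[5]);
    return 0;
}
```

Rejected arguments should be answered with an FTP syntax error reply and logged, since over-long octet fields do not occur in legitimate client traffic.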

Resolution

Contact the vendor for an update to TurboFTP 1.30.826 when one becomes available.

References

http://secunia.com/advisories/50595/

Limitations

A valid FTP user's credentials must be given to the exploit script. A valid user may include the anonymous user.

This exploit has been tested against TurboSoft TurboFTP 1.30.826 on Microsoft Windows Server 2003 SP2 English (DEP OptOut) and Microsoft Windows Server 2008 SP2 (DEP OptOut).

Platforms

Windows
