Reported May 30, 2001, by SNS Research.
VERSION AFFECTED
· Pi-Soft SpoonFTP 1.0.0.12 for Windows 2000, Windows NT, Windows Me, and Windows 9x
DESCRIPTION
A
Denial of Service (DoS) condition exists in Pi-Soft SpoonFTP 1.0.0.12 that can
let an attacker execute arbitrary code on the server. By establishing an FTP
connection to a vulnerable server and issuing the LIST or CWD command, followed
by 531 bytes of data or more, an attacker can cause the server process to crash.
In most cases, the computer kills the process before passing any data to the
stack, but the possibility still exists for an attacker to overwrite the
code’s execution instruction point (EIP) and execute the code.
VENDOR RESPONSE
The vendor, Pi-Soft Consulting, has released version 1.0.0.13 to fix this vulnerability.
CREDIT
Discovered by SNS Research.