Core FTP LE version 2.2 Build 1921 is prone to a buffer overflow vulnerability that may result in a DoS or remote code execution

Suggested description

Core FTP LE version 2.2 Build 1921 is prone to a buffer overflow vulnerability that may result in a DoS or remote code execution via a PASV response.


Vulnerability Type

Buffer Overflow


Vendor of Product

Core FTP


Affected Product Code Base

Core FTP LE - 2.2 Build 1921


Affected Component

Affected FTP command (response): PASV and possibly others.


Attack Type

Remote


Impact Code execution

true


Impact Denial of Service

true


Attack Vectors

To exploit this vulnerability, an attacker has to host a malicious FTP server.


Discoverer

Berk Cem Göksel


Reference

Reference: https://gist.github.com/berkgoksel/a654c8cb661c7a27a3f763dee92016aa

PoC: https://gist.github.com/berkgoksel/e97b3f3b15e2f8293f649d4ebe6a6fc9
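
Because the advisory places the overflow in the client's handling of a server-supplied PASV response, the following added example (not part of the original advisory and not Core FTP's code) shows a bounds-checked parser for the RFC 959 `227` reply that rejects oversized or malformed input before any copy takes place. The names `parse_pasv_reply`, `struct pasv_addr` and the `MAX_REPLY_LEN` limit are assumptions chosen for illustration; the advisory does not describe the vulnerable routine itself.

```c
#include <stddef.h>
#include <string.h>

#define MAX_REPLY_LEN 512  /* assumed cap on one control-channel reply line */

struct pasv_addr {
    unsigned char host[4];
    unsigned short port;
};

/* Parse "227 ... (h1,h2,h3,h4,p1,p2)" from a buffer of known length.
 * Returns 0 on success, -1 if the reply is oversized or malformed. */
int parse_pasv_reply(const char *buf, size_t len, struct pasv_addr *out)
{
    unsigned int field[6];
    size_t i, n;

    if (buf == NULL || out == NULL || len < 4 || len > MAX_REPLY_LEN)
        return -1;
    if (memcmp(buf, "227", 3) != 0 || buf[3] != ' ')
        return -1;

    /* Locate the opening parenthesis without reading past len. */
    for (i = 4; i < len && buf[i] != '('; i++)
        ;
    if (i == len)
        return -1;
    i++;

    for (n = 0; n < 6; n++) {
        unsigned int v = 0;
        size_t digits = 0;
        while (i < len && buf[i] >= '0' && buf[i] <= '9') {
            v = v * 10 + (unsigned int)(buf[i] - '0');
            if (++digits > 3 || v > 255)   /* each field is one octet */
                return -1;
            i++;
        }
        if (digits == 0 || i == len)       /* empty field or no delimiter */
            return -1;
        if (buf[i] != (n < 5 ? ',' : ')'))
            return -1;
        i++;
        field[n] = v;
    }
    for (n = 0; n < 4; n++)
        out->host[n] = (unsigned char)field[n];
    out->port = (unsigned short)(field[4] * 256 + field[5]);
    return 0;
}
```

The parser writes only into the fixed-size `struct pasv_addr`, so the length of the server's reply never determines how much is written.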
