FreeBSD tnftp clientside exploit
This bug had been found by sud0woodo, he posted a quite exhaustive blog article about it but seemed not to be allowed or wanting to publish the bug, as there had been ongoing discussions with soffice's vendor. In the meantime i took the freedom to have a little fun and building my own exploit, but keeping it offline until sud0woodo publishes all. He did already some time ago, now here my version.
May the packets be with you