You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
thanks for reporting this bug. The recv buffer rcvbuf in ftp_client_thread routine limited to PATH_MAX * 2, but internal buffer _text in writelogentry is only 512 chars, resulting in buffer overflow as you pointed.
Hello,
I've noticed a buffer overflow in the Unix version of LightFTP v1.1.
This append in the "writelogentry" function.
With this payload :
python -c 'print "USER anonymous\nPASS anonymous\n" + "A"*499 + "B"*10 + "\x0D\x0A" ' | nc 127.0.0.1 9999
With this configuration :
POC :
This buffer overflow can lead to remote code execution or a denial of service.
I hope this will help you to fix the vuln.
The text was updated successfully, but these errors were encountered: