Summary
The host has CuteFTP installed and is prone to a buffer overflow vulnerability.
Impact
Successful exploitation will allow remote attackers to execute arbitrary code and potentially compromise a user's system.
Impact Level: System/Application
Solution
Upgrade to version 8.3.4 or later.
For updates, refer to http://www.cuteftp.com/downloads
Insight
The flaw is due to an error in the 'Create New Site' feature when connecting to sites that have an overly long label. It can be exploited to corrupt heap memory by tricking a user into importing a malicious site list and connecting to a site with an overly long label.
Affected
CuteFTP Home/Pro/Lite 8.3.3, 8.3.3.54 on Windows.
References
Severity
Classification
CVE: CVE-2009-3483
CVSS Base Score: 9.3
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Apple QuickTime Multiple Buffer Overflow Vulnerabilities (Windows)
- Attachmate Reflection FTP Client LIST Command Remote Heap Buffer Overflow Vulnerability
- Active Perl 'Perl_repeatcpy()' Function Buffer Overflow Vulnerability (Windows)
- Adobe Flash Player Multiple Vulnerabilities - Mar09 (Linux)
- BSPlayer Stack Overflow Vulnerability SRT