EFTP Buffer Overflow Network Vulnerability

Summary

It was possible to crash the EFTP service by uploading a *.lnk file containing too much data. A cracker may use this attack to make this service crash continuously, or run arbitrary code on your system.

Solution

upgrade EFTP to 2.0.8.x

Severity

Classification

CVE CVE-2001-1112
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

HTTP User-Agent overflow
HTTP 1.0 header overflow
Generic format string
Boozt index.cgi overflow
Array Networks vxAG/xAPV Authentication Bypass Vulnerabilities

EFTP buffer overflow

Take action and discover your vulnerabilities