CVE-2000-0133

Tiny FTPd < 0.52 - Buffer Overflow via STOR/RNTO/MKD/XMKD/RMD/XRMD/APPE/SIZE/RNFR Commands

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0133. PoCs published by UNYUN.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Tiny FTPd 0.52 beta3 via the STOR command. It crafts a malicious payload to overwrite the stack, execute arbitrary code, and modify the Windows registry to lower IE security settings for a specific domain.

Description

Buffer overflows in Tiny FTPd 0.52 beta3 FTP server allows users to execute commands via the STOR, RNTO, MKD, XMKD, RMD, XRMD, APPE, SIZE, and RNFR commands.

Exploits (1)

exploitdb WORKING POC VERIFIED

by UNYUN · cremotewindows

https://www.exploit-db.com/exploits/19737

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Tiny FTPd 0.52 beta3 via the STOR command. It crafts a malicious payload to overwrite the stack, execute arbitrary code, and modify the Windows registry to lower IE security settings for a specific domain.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Tiny FTPd 0.52 beta3

Auth required

Prerequisites: Network access to Tiny FTPd server · Valid FTP credentials

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/961

Scores

EPSS 0.0801

EPSS Percentile 94.0%

Details

Status published

Products (1)

h._nomura/tiny_ftpdaemon < 0.52

Published Feb 01, 2000

Tracked Since Feb 18, 2026