CVE-2003-0766

FTP Desktop client <3.5 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2003-0766. PoCs published by Bahaa Naamneh.

AI-analyzed exploit summary: This is a technical writeup describing a buffer overflow vulnerability in FTP Desktop when processing overly long 331 server responses. It outlines the exploit structure but does not include executable code.

Description

Multiple heap-based buffer overflows in FTP Desktop client 3.5, and possibly earlier versions, allow remote malicious servers to execute arbitrary code via (1) a long FTP banner, (2) a long response to a USER command, or (3) a long response to a PASS command.

Exploits (2)

exploitdb WRITEUP VERIFIED
by Bahaa Naamneh · text · dos · windows
https://www.exploit-db.com/exploits/23118

This is a technical writeup describing a buffer overflow vulnerability in FTP Desktop when processing overly long 331 server responses. It outlines the exploit structure but does not include executable code.

Classification: Writeup 80%
Attack Type: RCE
Complexity: Moderate
Reliability: Theoretical
Target: FTP Desktop (version not specified)
No auth needed
Prerequisites: Access to a malicious or compromised FTP server · FTP Desktop client connecting to the server
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by Bahaa Naamneh · text · dos · windows
https://www.exploit-db.com/exploits/23117

This exploit demonstrates a buffer overflow in FTP Desktop when processing an overly long FTP banner (220 message). The PoC shows a crafted payload with padding, EBP, and EIP overwrites, leading to an access violation at 0x58585858.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: FTP Desktop (version not specified)
No auth needed
Prerequisites: Network access to the target FTP client · Ability to send a crafted FTP banner
devstral-2 · analyzed Feb 16, 2026

References (1)

Core References
Mailing List (mailing-list, x_refsource_bugtraq)
http://marc.info/?l=bugtraq&m=106305502230604&w=2

Scores

EPSS 0.0671
EPSS Percentile 93.1%

Details

Status published
Products (1)
ftp_desktop/ftp_desktop 3.5
Published Sep 17, 2003
Tracked Since Feb 18, 2026