Description
Multiple heap-based buffer overflows in FTP Desktop client 3.5, and possibly earlier versions, allow remote malicious servers to execute arbitrary code via (1) a long FTP banner, (2) a long response to a USER command, or (3) a long response to a PASS command.
Exploits (2)
exploitdb
WRITEUP
VERIFIED
by Bahaa Naamneh · textdoswindows
https://www.exploit-db.com/exploits/23118
exploitdb
WORKING POC
VERIFIED
by Bahaa Naamneh · textdoswindows
https://www.exploit-db.com/exploits/23117
References (1)
Core 1
Core References
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=106305502230604&w=2
Scores
EPSS
0.0673
EPSS Percentile
91.3%
Details
Status
published
Products (1)
ftp_desktop/ftp_desktop
3.5
Published
Sep 17, 2003
Tracked Since
Feb 18, 2026