CVE-2003-1368

Electrasoft FTP Client 9.49.1 - Buffer Overflow via Long FTP Server Banner

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-1368. PoCs published by Dennis Rand.

AI-analyzed exploit summary This Perl script exploits a buffer overflow vulnerability in Electrasoft 32Bit FTP client by sending a large banner response to crash the client. The PoC demonstrates the issue but does not include a payload for arbitrary code execution.

Description

Buffer overflow in the 32bit FTP client 9.49.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Dennis Rand · perldoswindows
https://www.exploit-db.com/exploits/22221

This Perl script exploits a buffer overflow vulnerability in Electrasoft 32Bit FTP client by sending a large banner response to crash the client. The PoC demonstrates the issue but does not include a payload for arbitrary code execution.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Electrasoft 32Bit FTP Client version p9.49.01, ByteCatcher FTP Client V1.04b
No auth needed
Prerequisites: Network access to the target FTP client · Ability to set up a malicious FTP server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/11234
Third Party Advisory mailing-list x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0054.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/6764

Scores

EPSS 0.0428
EPSS Percentile 89.8%

Details

CWE
CWE-119
Status published
Products (1)
electrasoft/ftp_client 9.49.01
Published Dec 31, 2003
Tracked Since Feb 18, 2026