CVE-2005-0277

3Com 3CDaemon 2.0 revision 10 - Buffer Overflow via Long FTP Command Argument


Exploitation Summary

EIP tracks 4 public exploits for CVE-2005-0277. PoCs published by Metasploit, class101, c0d3r, including Metasploit module exploits/windows/ftp/3cdaemon_ftp_user.

AI-analyzed exploit summary: This Metasploit module exploits a buffer overflow in 3Com 3CDaemon FTP Server 2.0 via the USER command, allowing remote code execution. It includes SEH-based exploitation and targets multiple Windows versions.

Description

Buffer overflow in the FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via (1) a long username in the USER command or (2) an FTP command that contains a long argument, such as cd, send, or ls.

Exploits (4)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/16730

This Metasploit module exploits a buffer overflow in 3Com 3CDaemon FTP Server 2.0 via the USER command, allowing remote code execution. It includes SEH-based exploitation and targets multiple Windows versions.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: 3Com 3CDaemon FTP Server Version 2.0
No auth needed
Prerequisites: Network access to the vulnerable FTP service
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by class101 · c · remote · windows
https://www.exploit-db.com/exploits/827

This exploit targets a buffer overflow vulnerability in 3CDaemon FTP server (CVE-2005-0277) by sending a maliciously crafted USER command without requiring authentication. It includes shellcode for both bind and reverse shell payloads, with support for multiple Windows versions.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: 3CDaemon FTP Server v2.0 rev10
No auth needed
Prerequisites: Network access to the vulnerable FTP server · Target must be running 3CDaemon FTP Server v2.0 rev10
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by c0d3r · c · remote · windows
https://www.exploit-db.com/exploits/825

This exploit targets a buffer overflow vulnerability in 3CDaemon FTP Server version 2.0 revision 10. It sends a maliciously crafted buffer to trigger a stack-based overflow, redirecting execution to shellcode that binds a shell on port 4444.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: 3CDaemon FTP Server version 2.0 revision 10
Auth required
Prerequisites: Network access to the target FTP server · Valid credentials for authentication
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC NORMAL
by hdm, otr · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ftp/3cdaemon_ftp_user.rb

This Metasploit module exploits a buffer overflow vulnerability in 3Com 3CDaemon FTP Server Version 2.0 via the USER command, allowing remote code execution. It includes SEH-based exploitation for various Windows versions.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: 3Com 3CDaemon FTP Server Version 2.0
No auth needed
Prerequisites: Network access to the vulnerable FTP service
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/12155
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18754
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110485674622696&w=2
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110886719528518&w=2

Scores

EPSS 0.6191
EPSS Percentile 99.1%

Details

Status published
Products (1)
3com/3cdaemon 2.0 revision_10
Published May 02, 2005
Tracked Since Feb 18, 2026