CVE-2005-0634

Golden FTP Server 1.92 - Remote Code Execution via Long USER Command

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2005-0634. PoCs published by darkeagle, c0d3r, ATmaCA.

AI-analyzed exploit summary: This exploit targets a stack overflow vulnerability in Golden FTP Server Pro 2.52.0.0, allowing remote code execution by sending a maliciously crafted USER command with embedded shellcode that binds a shell to port 4444.

Description

Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long USER command.

Exploits (3)

exploitdb WORKING POC VERIFIED
by darkeagle · c · remote · windows
https://www.exploit-db.com/exploits/969

This exploit targets a stack overflow vulnerability in Golden FTP Server Pro 2.52.0.0, allowing remote code execution by sending a maliciously crafted USER command with embedded shellcode that binds a shell to port 4444.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Golden FTP Server Pro 2.52.0.0
No auth needed
Prerequisites: Network access to the target FTP server · Target running Golden FTP Server Pro 2.52.0.0 on Windows XP SP0
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by c0d3r · c · remote · windows
https://www.exploit-db.com/exploits/968

This exploit targets a stack-based buffer overflow in Golden FTP Server Pro 2.5.0.0 and prior. It sends a crafted payload to trigger the vulnerability, resulting in remote code execution via a reverse shell on port 4444.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Golden FTP Server Pro 2.5.0.0 and prior
No auth needed
Prerequisites: Network access to the target FTP server · Target must be running a vulnerable version of Golden FTP Server Pro
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by ATmaCA · c++ · remote · windows
https://www.exploit-db.com/exploits/967

This exploit targets a buffer overflow vulnerability in Golden FTP Server Pro v2.52. It sends a maliciously crafted USER command with a long string of 'A's followed by a return address, NOP sled, and shellcode to spawn a bind shell on port 4444.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Golden FTP Server Pro v2.52
No auth needed
Prerequisites: Network access to the target FTP server · Target must be running Golden FTP Server Pro v2.52
devstral-2 · analyzed Feb 16, 2026

References (5)

Core References
Various Sources x_refsource_misc
http://retrogod.altervista.org/golden_heap.html
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/12704
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/4936
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/23323
Vendor Advisory mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/391987

Scores

EPSS 0.1059
EPSS Percentile 93.5%

Details

Status published
Products (1)
kmint21_software/golden_ftp_server 1.92
Published May 02, 2005
Tracked Since Feb 18, 2026