CVE-2005-2767

LeapFTP - Buffer Overflow via Long Host String in Site Queue File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-2767. PoCs published by Sowhat.

AI-analyzed exploit summary This exploit leverages a buffer overflow vulnerability in LeapFTP by providing a malformed .lsq file with an excessively long HOST field. The overflow can lead to remote code execution in the context of the user running the application.

Description

Buffer overflow in LeapFTP allows remote attackers to execute arbitrary code via a long Host string in a Site Queue (.lsq) file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Sowhat · textdoswindows

https://www.exploit-db.com/exploits/26194

View Code ZIP pw:eip

This exploit leverages a buffer overflow vulnerability in LeapFTP by providing a malformed .lsq file with an excessively long HOST field. The overflow can lead to remote code execution in the context of the user running the application.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: LeapFTP versions prior to 2.7.6.612

No auth needed

Prerequisites: Victim must open the malformed .lsq file

MITRE ATT&CK