CVE-2006-2027

Quick 'n Easy FTP Server Professional and Lite - Authenticated Buffer Overflow in Logging Functionality

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-2027. PoCs published by KaGra.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Quick 'n Easy FTP Server 2.4 by sending a large buffer (1041 bytes) in the PASS command, causing a denial of service (DoS) when the server's log file is viewed. The exploit uses Perl and the Net::FTP module to connect and send the malicious payload.

Description

Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when an admin selects the Logging section in the FTP server main window. NOTE: the original researcher claims that the vendor disputes this issue.

Exploits (1)

exploitdb WORKING POC VERIFIED
by KaGra · perldoswindows
https://www.exploit-db.com/exploits/593

This exploit targets a buffer overflow vulnerability in Quick 'n Easy FTP Server 2.4 by sending a large buffer (1041 bytes) in the PASS command, causing a denial of service (DoS) when the server's log file is viewed. The exploit uses Perl and the Net::FTP module to connect and send the malicious payload.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Quick 'n Easy FTP Server 2.4
No auth needed
Prerequisites: Network access to the target FTP server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/17681
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/431920/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/788
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/25235

Scores

EPSS 0.0386
EPSS Percentile 88.8%

Details

Status published
Products (1)
pablo_software_solutions/quick_n_easy_ftp_server 3.0 (2 CPE variants)
Published Apr 26, 2006
Tracked Since Feb 18, 2026