CVE-2006-2180

Golden FTP Server Pro 2.70 - Buffer Overflow via NLST or APPE Command

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-2180. PoCs published by Jerome Athias.

AI-analyzed exploit summary This exploit targets Golden FTP Server Pro 2.70 by sending a malformed APPE command with a long string to trigger a Denial of Service (DoS). It uses Perl and the Net::FTP module to establish a connection and send the exploit string.

Description

Buffer overflow in Golden FTP Server Pro 2.70 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long argument to the (1) NLST or (2) APPE commands, as demonstrated by the Infigo FTPStress Fuzzer.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Jerome Athias · perldoswindows

https://www.exploit-db.com/exploits/1743

View Code ZIP pw:eip

This exploit targets Golden FTP Server Pro 2.70 by sending a malformed APPE command with a long string to trigger a Denial of Service (DoS). It uses Perl and the Net::FTP module to establish a connection and send the exploit string.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Golden FTP Server Pro 2.70

Auth required

Prerequisites: Network access to the target FTP server · Valid or guessable credentials for authentication

MITRE ATT&CK