CVE-2008-0590

WS_FTP Server 6.1.0.0 - Authenticated Buffer Overflow via Long Opendir Command

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0590. PoCs published by securfrog.

AI-analyzed exploit summary This exploit triggers a remote buffer overflow in IpSwitch WS_FTP Server 6.1.0.0 via a maliciously crafted SFTP directory name. The PoC sends a long string of 'A' characters (5131 bytes) to overflow the buffer, causing an access violation.

Description

Buffer overflow in Ipswitch WS_FTP Server with SSH 6.1.0.0 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long opendir command.

Exploits (1)

exploitdb WORKING POC VERIFIED

by securfrog · perldoswindows

https://www.exploit-db.com/exploits/5044

View Code ZIP pw:eip

This exploit triggers a remote buffer overflow in IpSwitch WS_FTP Server 6.1.0.0 via a maliciously crafted SFTP directory name. The PoC sends a long string of 'A' characters (5131 bytes) to overflow the buffer, causing an access violation.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: IpSwitch WS_FTP Server 6.1.0.0

Auth required

Prerequisites: Network access to the target · Valid SSH credentials

MITRE ATT&CK