CVE-2008-4321

Flashget FTP - Memory Corruption

Title source: rule

Description

Buffer overflow in FlashGet (formerly JetCar) FTP 1.9 allows remote FTP servers to execute arbitrary code via a long response to the PWD command.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Guido Landi · perlremotewindows

https://www.exploit-db.com/exploits/6256

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by SkOd · perlremotewindows

https://www.exploit-db.com/exploits/6248

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by h07 · pythondoswindows

https://www.exploit-db.com/exploits/6240

View Code ZIP pw:eip

References (8)

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/6256

[Exploit] http://www.securityfocus.com/bid/30685

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/44443

[Vendor Advisory] http://secunia.com/advisories/31481

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/6240

[Third Party Advisory] http://securityreason.com/securityalert/4327

[Third Party Advisory] http://www.vupen.com/english/advisories/2008/2381

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/6248

Scores

EPSS 0.1901

EPSS Percentile 95.3%

Details

CWE

CWE-119

Status published

Products (1)

flashget/flashget_ftp 1.9

Published Sep 29, 2008

Tracked Since Feb 18, 2026