CVE-2008-5045

Network-Client FTP Now 2.6 - Denial of Service via 1024-Character 200 Server Response

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-5045. PoCs published by DeltahackingTEAM.

AI-analyzed exploit summary This exploit targets a heap overflow vulnerability in FTP Now version 2.6 by sending a crafted response of exactly 1024 characters, causing a buffer overflow. It acts as a malicious FTP server to trigger the vulnerability.

Description

Heap-based buffer overflow in Network-Client FTP Now 2.6, and possibly other versions, allows remote FTP servers to cause a denial of service (crash) via a 200 server response that is exactly 1024 characters long.

Exploits (1)

exploitdb WORKING POC VERIFIED
by DeltahackingTEAM · perldoswindows
https://www.exploit-db.com/exploits/6926

This exploit targets a heap overflow vulnerability in FTP Now version 2.6 by sending a crafted response of exactly 1024 characters, causing a buffer overflow. It acts as a malicious FTP server to trigger the vulnerability.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: FTP Now version 2.6
No auth needed
Prerequisites: Network access to the target · FTP Now version 2.6 running on the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/46319
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/4583
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/6926
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/32080

Scores

EPSS 0.0338
EPSS Percentile 87.2%

Details

CWE
CWE-119
Status published
Products (1)
network-client.com/ftp_now 2.6
Published Nov 13, 2008
Tracked Since Feb 18, 2026