CVE-2008-5106

KarjaSoft Sami FTP Server 2.0.x - Buffer Overflow via Long Command Argument

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-5106. PoCs published by superkojiman, including Metasploit module exploits/windows/ftp/sami_ftpd_list.

AI-analyzed exploit summary: This Metasploit module exploits a stack-based buffer overflow in Sami FTP Server 2.0.1 via a malformed LIST command. It requires the attacker to know or resolve the source IP address and for the victim to view the 'Log' tab in the managing application.

Description

Buffer overflow in KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long argument to an arbitrary command, which triggers the overflow when the SamyFtp.binlog log file is viewed in the management console. NOTE: this may overlap CVE-2006-0441 and CVE-2006-2212.

Exploits (1)

metasploit · WORKING POC · LOW
by superkojiman · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ftp/sami_ftpd_list.rb


Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Sami FTP Server 2.0.1
No auth needed
Prerequisites: Target must be running Sami FTP Server 2.0.1 · Victim must view the 'Log' tab in the managing application · Attacker must know or resolve the source IP address
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/488198/100/200/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27817
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/4603

Scores

EPSS 0.1259
EPSS Percentile 95.7%

Details

CWE: CWE-119
Status published
Products (3)
karjasoft/sami_ftp_server 2.0.0
karjasoft/sami_ftp_server 2.0.1
karjasoft/sami_ftp_server 2.0.2
Published Nov 17, 2008
Tracked Since Feb 18, 2026