CVE-2009-3484

Core FTP 2.1 build 1612 - Stack-based Buffer Overflow via Long Hostname in Site Backup File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-3484. PoCs published by Dr_IDE.

AI-analyzed exploit summary This is a local buffer overflow PoC for Core FTP LE v2.1 build 1612, exploiting a Unicode-based vulnerability by overwriting the EIP register with a long string of 'A' characters. The exploit generates a malicious input file that triggers the overflow when used in the 'Quick Connect' feature.

Description

Stack-based buffer overflow in Core FTP 2.1 build 1612 allows user-assisted remote attackers to execute arbitrary code via a long hostname in an FTP server entry in a site backup file. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Dr_IDE · pythondoswindows

https://www.exploit-db.com/exploits/9815

View Code ZIP pw:eip

This is a local buffer overflow PoC for Core FTP LE v2.1 build 1612, exploiting a Unicode-based vulnerability by overwriting the EIP register with a long string of 'A' characters. The exploit generates a malicious input file that triggers the overflow when used in the 'Quick Connect' feature.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Core FTP LE v2.1 build 1612

No auth needed

Prerequisites: Core FTP LE v2.1 build 1612 installed on the target system · Ability to execute the script locally or deliver the malicious file to the victim

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →