Description
Stack-based buffer overflow in Core FTP 2.1 build 1612 allows user-assisted remote attackers to execute arbitrary code via a long hostname in an FTP server entry in a site backup file. NOTE: some of these details are obtained from third party information.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Dr_IDE · pythondoswindows
https://www.exploit-db.com/exploits/9815
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/58385
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/53488
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/36872
Exploit x_refsource_misc
http://www.packetstormsecurity.org/0909-exploits/coreftp_local.py.txt
Scores
EPSS
0.0785
EPSS Percentile
92.0%
Details
CWE
CWE-119
Status
published
Products (1)
coreftp/core_ftp
2.1
Published
Sep 30, 2009
Tracked Since
Feb 18, 2026