CVE-2011-3976

AmmSoft ScriptFTP 3.3 - Buffer Overflow

Title source: llm

Description

Stack-based buffer overflow in AmmSoft ScriptFTP 3.3 allows remote FTP servers to execute arbitrary code via a long filename in a response to a LIST command, as demonstrated using (1) GETLIST or (2) GETFILE in a ScriptFTP script.

Exploits (4)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/17948

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by modpr0be · pythonremotewindows

https://www.exploit-db.com/exploits/17876

View Code ZIP pw:eip

exploitdb WORKING POC

by otoy · rubyremotewindows

https://www.exploit-db.com/exploits/17904

View Code ZIP pw:eip

metasploit WORKING POC GOOD

by modpr0be · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ftp/scriptftp_list.rb

View Code ZIP pw:eip

References (6)

[US Government Resource] http://www.kb.cert.org/vuls/id/440219

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/69962

[Exploit] http://www.exploit-db.com/exploits/17876

[Exploit, URL Repurposed] http://www.digital-echidna.org/2011/09/scriptftp-3-3-remote-buffer-overflow-exploit-0day/

[Vendor Advisory] http://secunia.com/advisories/46099

[Exploit] http://www.securityfocus.com/bid/49707

Scores

EPSS 0.6626

EPSS Percentile 98.5%

Details

CWE

CWE-119

Status published

Products (1)

ammsoft/scriptftp 3.3

Published Oct 04, 2011

Tracked Since Feb 18, 2026