CVE-2011-5012

Attachmate Reflection - Heap-based Buffer Overflow via Long Directory Name in FTP LIST Response

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-5012. PoCs published by Francis Provencher.

AI-analyzed exploit summary: This exploit targets a heap overflow vulnerability in Attachmate Reflection FTP Client by sending an overly long directory name in response to a LIST command, leading to remote code execution.

Description

Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 before 15.3.2.569 and R1 SP1 before, Reflection 2011 R2 before 15.4.1.327, Reflection Windows Client 7.2 SP1 before hotfix 7.2.1186, and Reflection 14.1 SP1 before 14.1.1.206, allows remote FTP servers to execute arbitrary code via a long directory name in a response to a LIST command.

Exploits (1)

exploitdb WORKING POC
by Francis Provencher · ruby · dos · windows
https://www.exploit-db.com/exploits/18119

Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Attachmate Reflection FTP Client
No auth needed
Prerequisites: Network access to the target FTP client · Target must initiate a LIST command
devstral-2 · analyzed Feb 16, 2026

References (9)

Core References
Various Sources x_refsource_confirm
http://support.attachmate.com/techdocs/1708.html
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/18119
Various Sources x_refsource_confirm
http://support.attachmate.com/techdocs/2502.html
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/46879
Various Sources x_refsource_confirm
http://support.attachmate.com/techdocs/2288.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/77189
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1026340
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/71330

Scores

EPSS 0.0785
EPSS Percentile 93.9%

Details

CWE: CWE-119
Status: published
Products (6)
attachmate/reflection 7.2 sp1
attachmate/reflection 14.1 sp1
attachmate/reflection_2008
attachmate/reflection_2008r1 sp1
attachmate/reflection_2008r2
attachmate/reflection_2011r1
Published Dec 25, 2011
Tracked Since Feb 18, 2026