VULHUB ™

Floosietek FTGate is prone to multiple remote vulnerabilities. These issues are identified as buffer overflow, format string, and cross-site scripting vulnerabilities. Successful exploitation of the buffer overflow and format string vulnerabilities could result in a denial of service or execution of arbitrary code in the context of the affected server process. An attacker may leverage the cross-site scripting issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. FTGate 4.4 (build 4.4.000) is reportedly vulnerable to these issues; other versions may also be affected.

Floosietek FTGate is prone to multiple remote vulnerabilities. These issues are identified as buffer overflow, format string, and cross-site scripting vulnerabilities. Successful exploitation of the buffer overflow and format string vulnerabilities could result in a denial of service or execution of arbitrary code in the context of the affected server process. An attacker may leverage the cross-site scripting issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. FTGate 4.4 (build 4.4.000) is reportedly vulnerable to these issues; other versions may also be affected.