VULHUB ™

It has been reported that WS_FTP Pro client may be prone to a remote buffer overflow vulnerability that may allow an attacker to execute arbitrary code on a vulnerable system in order to gain unauthorized access. The issue is reported to present itself when the client views directory listings containing files and directory names of excessive length without a terminating CR/LF character. This vulnerability exists in WS_FTP Pro version 8.0.3, which was released to fix the WS_FTP Pro Client Remote Buffer Overflow Vulnerability described in BID 9872. It has been reported that the fixed version limits user-supplied data to 0x0200 bytes; however, the buffer is allocated to 0x0100 bytes. Although this issue is reported to affect WS_FTP Pro 8.0.3, it is quite likely that it affects previous versions as well.

It has been reported that WS_FTP Pro client may be prone to a remote buffer overflow vulnerability that may allow an attacker to execute arbitrary code on a vulnerable system in order to gain unauthorized access. The issue is reported to present itself when the client views directory listings containing files and directory names of excessive length without a terminating CR/LF character. This vulnerability exists in WS_FTP Pro version 8.0.3, which was released to fix the WS_FTP Pro Client Remote Buffer Overflow Vulnerability described in BID 9872. It has been reported that the fixed version limits user-supplied data to 0x0200 bytes; however, the buffer is allocated to 0x0100 bytes. Although this issue is reported to affect WS_FTP Pro 8.0.3, it is quite likely that it affects previous versions as well.