VULHUB ™

It has been reported that Cerberus FTP Server may be prone to a buffer overflow condition, which may allow an attacker to gain unauthorized access to a vulnerable system. The issue is caused due to insufficient boundary checking. An attacker may leverage the issue by exploiting an unbounded memory copy operation to overwrite the saved return address/base pointer, causing an affected procedure to return to an address of their choice. Cerberus version 2.11 BETA and prior may be vulnerable to this issue. This BID will be updated as more information becomes available.

It has been reported that Cerberus FTP Server may be prone to a buffer overflow condition, which may allow an attacker to gain unauthorized access to a vulnerable system. The issue is caused due to insufficient boundary checking. An attacker may leverage the issue by exploiting an unbounded memory copy operation to overwrite the saved return address/base pointer, causing an affected procedure to return to an address of their choice. Cerberus version 2.11 BETA and prior may be vulnerable to this issue. This BID will be updated as more information becomes available.