Frox is a freely available, open source FTP proxy software package. It is maintained in the public domain and indexed on SourceForge. Frox is vulnerable to a buffer overflow: if the caching option is enabled, a file downloaded from a long path can overflow a routine that writes the header file information. This makes it possible for a malicious FTP server to spawn a shell, allowing local access on a system running the vulnerable software. The frox program is typically not run as root.
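The class of bug described above, shown from the fix side as an added example (this is not Frox's code): a cache-header writer that formats a server-supplied path into a fixed buffer and refuses to cache when the header would not fit. The function names, the `HDR_MAX` size and the header layout are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define HDR_MAX 256  /* assumed size of the fixed header buffer */

/* Hypothetical cache-header writer, not taken from Frox.
 * The unsafe pattern is an unbounded copy such as
 *     sprintf(hdr, "%s %lu\n", remote_path, size);
 * which writes past hdr when the remote server supplies a long path.
 * Returns the header length on success, -1 if it would not fit. */
int build_cache_header(char *hdr, size_t hdr_len,
                       const char *remote_path, unsigned long size)
{
    if (hdr == NULL || hdr_len == 0 || remote_path == NULL)
        return -1;

    /* snprintf never writes more than hdr_len bytes and returns the
     * length the full string would have needed. */
    int n = snprintf(hdr, hdr_len, "%s %lu\n", remote_path, size);
    if (n < 0 || (size_t)n >= hdr_len) {
        hdr[0] = '\0';  /* do not leave a truncated header behind */
        return -1;
    }
    return n;
}

/* Returns 1 if the entry can be cached, 0 if the transfer should be
 * passed through without caching. */
int cache_entry_ok(const char *remote_path, unsigned long size)
{
    char hdr[HDR_MAX];
    return build_cache_header(hdr, sizeof hdr, remote_path, size) > 0;
}

int main(void)
{
    char long_path[1024];  /* constructed sample input */
    memset(long_path, 'A', sizeof long_path - 1);
    long_path[sizeof long_path - 1] = '\0';

    printf("short path cached: %d\n", cache_entry_ok("/pub/file.txt", 1234));
    printf("long path cached:  %d\n", cache_entry_ok(long_path, 1234));
    return 0;
}
```

Treating truncation as a hard failure matters here: a silently truncated header would make the cache entry describe a different path than the one requested.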