EFTP Buffer Overflow Network Vulnerability

Summary

It was possible to crash the EFTP service by uploading a *.lnk file containing too much data. A cracker may use this attack to make this service crash continuously, or run arbitrary code on your system.

Solution

upgrade EFTP to 2.0.8.x

Severity

Classification

CVE CVE-2001-1112

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Microsoft RPC Interface Buffer Overrun (823980)
FreeSSHD Key Exchange Buffer Overflow
Open WebMail vacation.pl Arbitrary Command Execution
CA License Service Multiple Vulnerabilities
Delegate Multiple Overflows

EFTP buffer overflow

Take action and discover your vulnerabilities