Ayukov NFTPD is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition.
Ayukov NFTPD 2.0 and prior versions are vulnerable.
Information
Bugtraq ID: 101602Class: Boundary Condition Error
CVE: CVE-2017-15222
Remote: Yes
Local: No
Published: Oct 21 2017 12:00AM
Updated: Nov 06 2017 01:05PM
Credit: Berk Cem Göksel
Vulnerable: Ayukov NFTPD 2.0
Ayukov NFTPD 1.8
Ayukov NFTPD 1.72
Ayukov NFTPD 1.71
Not Vulnerable:
Exploit
The following exploit is available: