ID
VAR-E-201005-1001
TITLE
Rumba FTP Client 'FTPSFtp.dll' ActiveX Control Buffer Overflow Vulnerability
Trust: 0.3
DESCRIPTION
Rumba FTP client ActiveX control is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.
Successful exploits may allow an attacker to execute arbitrary code in the context of a user running the affected application. Failed attempts will likely result in denial-of-service conditions.
The issue affects Rumba FTP client version 4.2.0.0.
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | netmanage | model: | rumba ftp | scope: | eq | version: | 4.2 | Trust: 0.3 |
| vendor: | netmanage | model: | rumba ftp | scope: | ne | version: | 4.2.3 | Trust: 0.3 |
EXPLOIT
The following exploit is available:
Bullet list:
<li><a href="/data/vulnerabilities/exploits/40309.html">/data/vulnerabilities/exploits/40309.html</a></li>
Trust: 0.3
PRICE
Free
Trust: 0.3
TYPE
Boundary Condition Error
Trust: 0.3
CREDITS
sinn3r
Trust: 0.3
EXTERNAL IDS
| db: | BID | id: | 40309 | Trust: 0.3 |
REFERENCES
| url: | http://support.microsoft.com/kb/240797 | Trust: 0.3 |
| url: | http://www.netmanage.com/products/rumba/rumba_features.asp | Trust: 0.3 |
SOURCES
| db: | BID | id: | 40309 |
LAST UPDATE DATE
2022-07-27T09:40:59.272000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 40309 | date: | 2010-05-21T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 40309 | date: | 2010-05-21T00:00:00 |