CVE-2010-10014

Odin Secure FTP <= 4.1 is vulnerable to a stack-based buffer overflow when parsing directory listings received in response to an FTP LIST command. A malicious FTP server can send an overly long filename in the directory listing, which overflows a fixed-size stack buffer in the client and overwrites the Structured Exception Handler (SEH). This allows remote attackers to execute arbitrary code on the client system.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
VulnCheckCNA
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
Common Weakness Enumeration
References
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/odin_list_reply.rb
https://web.archive.org/web/20111007123101/http://odinshare.com/secure-ftp-expert.html
https://web.archive.org/web/20111016194057/https://www.corelan.be/index.php/2010/10/12/death-of-an-ftp-client/
https://www.exploit-db.com/exploits/16716
https://www.vulncheck.com/advisories/odin-secure-ftp-stack-buffer-overflow-via-list-response
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/odin_list_reply.rb
https://www.exploit-db.com/exploits/16716