EDB-ID: 7875
CVE: 2009-0351
Author: Joe Walko
Type: Remote
Platform: Windows
Date: 2009-01-26
Vulnerable App: WinFTP Server 2.3.0

Key Information:

Summary: The exploit targets a remote buffer overflow in WinFTP Server 2.3.0's handling of the LIST command, specifically affecting authenticated users.

Exploit Details: The exploit script is written in Perl and demonstrates how to trigger the vulnerability and achieve a command shell on the target system.

Vulnerability Description: The exploit uses a specially crafted LIST command to cause memory corruption in the target FTP server. This overflow allows for arbitrary memory overwrites, enabling EIP control and ultimately leading to the execution of shellcode.

Shellcode Details: The shellcode is designed to bind a shell to port 7777 for Windows 2000 or to cause a Denial of Service for Windows XP SP2/3 systems.