Technorati
Digg
Delicious
Reddit
StumbleUpon
Facebook
Yahoo
Twitter
Faves
Newsvine
Severity: High
This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.Description
This signature detects a buffer-overflow vulnerability in the FlashGet FTP which is a freeware download manager.Additional Information
FlashGet is a freeware download manager for Microsoft Windows.The application is prone to a stack-based buffer-overflow vulnerability because it fails to properly validate the 'PWD' response in FTP connections before copying it into an insufficiently sized buffer. Attackers can leverage this issue to corrupt the application's stack and overwrite the contents of the memory and function pointers. Either of these techniques can be used to change the flow of execution and gain control of the affected application.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
Affected
- FlashGet 1.9 is vulnerable; other versions may also be affected.