1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: PowerTCP FTP Activex BO

Web Attack: PowerTCP FTP Activex BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature will detect attempts to exploit a Buffer Overflow Vulnerability in Dart Communications PowerTCP FTP for ActiveX control.

Additional Information

PowerTCP FTP for ActiveX is an ActiveX control that uses an FTP client.

The application is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

The issue affects the 'SecretKey' property of the control identified by CLSID:

39FDA070-61BA-11D2-AD84-00105A17B608

An attacker can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.

The issue affects PowerTCP FTP for ActiveX 2.0.2.0; other versions may also be affected.

Affected

  • The issue affects PowerTCP FTP for ActiveX 2.0.2.0; other versions may also be affected.

Response

Download and install all vendor patches related to this vulnerability.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube