This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempts to exploit a buffer overflow vulnerability in AASync 'LIST' Command which may result in arbitrary code execution.
AASync is an FTP file transfer program for Microsoft Windows platforms.
The application is prone to a stack-based buffer-overflow vulnerability because it fails to properly validate the filenames sent as response to the 'LIST' command in FTP connections before copying them into an insufficiently sized buffer. Attackers can leverage this issue to corrupt and overwrite memory. This may allow them to change the flow of execution and gain control of the affected application.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
- AASync 18.104.22.168 is vulnerable; other versions may also be affected.