logo_clicknbuy.png

CVE-2012-10023 – FreeFloat FTP Server Stack-Based Buffer Overflow Vulnerability

The following table lists the changes that have been made to the
CVE-2012-10023 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution
of a vulnerability, and for identifying the most recent changes that may
impact the vulnerability’s severity, exploitability, or other characteristics.

  • New CVE Received
    by [email protected]

    Aug. 05, 2025

    Action Type Old Value New Value
    Added Description A stack-based buffer overflow vulnerability exists in FreeFloat FTP Server version 1.0.0. The server fails to properly validate input passed to the USER command, allowing remote attackers to overwrite memory and potentially execute arbitrary code. The flaw is triggered by sending an overly long username string, which overflows the buffer allocated for user authentication.
    Added CVSS V4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
    Added CWE CWE-121
    Added Reference https://my.saintcorporation.com/cgi-bin/exploit_info/freefloat_ftp_server_user_cmd
    Added Reference https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/freefloatftp_user.rb
    Added Reference https://web.archive.org/web/20101208040029/http://secunia.com/advisories/42465/
    Added Reference https://web.archive.org/web/20101213050627/http://www.freefloat.com/sv/about-/about-.php
    Added Reference https://www.exploit-db.com/exploits/15689
    Added Reference https://www.exploit-db.com/exploits/23243
    Added Reference https://www.vulncheck.com/advisories/freefloat-ftp-server-user-command-buffer-overflow
Share the Post:

Related Posts