CVE-2003-0558 - Remote Security vulnerability in Leapware Leapftp 2.7.3.600

CVSS 7.5 - HIGH
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: PARTIAL
Tags: network, low complexity, leapware, exploit available, metasploit

Summary

Buffer overflow in LeapFTP 2.7.3.600 allows remote FTP servers to execute arbitrary code via a long IP address response to a PASV request.

Vulnerable Configurations

Part         Description  Count
Application  Leapware     1

Exploit-Db

  • description: LeapWare LeapFTP v2.7.3.600 PASV Reply Client Overflow. CVE-2003-0558. Remote exploit for windows platform
    id: EDB-ID:16708
    last seen: 2016-02-02
    modified: 2010-04-30
    published: 2010-04-30
    reporter: metasploit
    source: https://www.exploit-db.com/download/16708/
    title: LeapWare LeapFTP 2.7.3.600 - PASV Reply Client Overflow
  • description: LeapFTP 2.7.x Remote Buffer Overflow Exploit. CVE-2003-0558. Remote exploit for windows platform
    id: EDB-ID:54
    last seen: 2016-01-31
    modified: 2003-07-12
    published: 2003-07-12
    reporter: drG4njubas
    source: https://www.exploit-db.com/download/54/
    title: LeapFTP 2.7.x - Remote Buffer Overflow Exploit

Metasploit

description: This module exploits a buffer overflow in the LeapWare LeapFTP v2.7.3.600 client that is triggered through an excessively long PASV reply command. This module was ported from the original exploit by drG4njubas with minor improvements.
id: MSF:EXPLOIT/WINDOWS/FTP/LEAPFTP_PASV_REPLY
last seen: 2020-05-23
modified: 2017-11-08
published: 2007-09-09
references: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0558
reporter: Rapid7
source: https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/ftp/leapftp_pasv_reply.rb
title: LeapWare LeapFTP v2.7.3.600 PASV Reply Client Overflow

Packetstorm

data source: https://packetstormsecurity.com/files/download/83033/leapftp_pasv_reply.rb.txt
id: PACKETSTORM:83033
last seen: 2016-12-05
published: 2009-11-26
reporter: Patrick Webster
source: https://packetstormsecurity.com/files/83033/LeapWare-LeapFTP-v2.7.3.600-PASV-Reply-Client-Overflow.html
title: LeapWare LeapFTP v2.7.3.600 PASV Reply Client Overflow