Vulnerabilities > CVE-2013-4730 - Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Pcman'S FTP Server Project Pcman'S FTP Server 2.0.7
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to execute arbitrary code via a long string in a USER command.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Buffer Overflow via Environment Variables This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
- Overflow Buffers Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
- Client-side Injection-induced Buffer Overflow This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
- Filter Failure through Buffer Overflow In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
- MIME Conversion An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
Exploit-Db
description PCMan's FTP Server 2.0 - Remote Buffer Overflow Exploit. CVE-2013-4730. Remote exploit for windows platform id EDB-ID:26495 last seen 2016-02-03 modified 2013-06-30 published 2013-06-30 reporter Chako source https://www.exploit-db.com/download/26495/ title PCMan's FTP Server 2.0 - Remote Buffer Overflow Exploit description PCMan's FTP Server 2.0.7 - Buffer Overflow Exploit. CVE-2013-4730. Remote exploit for windows platform file exploits/windows/remote/26471.py id EDB-ID:26471 last seen 2016-02-03 modified 2013-06-27 platform windows port 21 published 2013-06-27 reporter Jacob Holcomb source https://www.exploit-db.com/download/26471/ title PCMan's FTP Server 2.0.7 - Buffer Overflow Exploit type remote description PCMAN FTP 2.07 - Buffer Overflow Exploit. CVE-2013-4730. Remote exploit for windows platform id EDB-ID:31789 last seen 2016-02-03 modified 2014-02-20 published 2014-02-20 reporter Sumit source https://www.exploit-db.com/download/31789/ title PCMAN FTP 2.07 - Buffer Overflow Exploit description PCMAN FTP 2.07 PASS Command - Buffer Overflow. CVE-2013-4730. Remote exploit for windows platform id EDB-ID:27277 last seen 2016-02-03 modified 2013-08-02 published 2013-08-02 reporter Ottomatik source https://www.exploit-db.com/download/27277/ title PCMAN FTP 2.07 PASS Command - Buffer Overflow description PCMAN FTP 2.07 STOR Command - Buffer Overflow Exploit. CVE-2013-4730. Remote exploit for windows platform id EDB-ID:27703 last seen 2016-02-03 modified 2013-08-19 published 2013-08-19 reporter Polunchis source https://www.exploit-db.com/download/27703/ title PCMAN FTP 2.07 STOR Command - Buffer Overflow Exploit description PCMan FTP Server 2.0.7 - Remote Exploit (msf). CVE-2013-4730. Remote exploit for windows platform id EDB-ID:27007 last seen 2016-02-03 modified 2013-07-22 published 2013-07-22 reporter MSJ source https://www.exploit-db.com/download/27007/ title PCMan FTP Server 2.0.7 - Remote Exploit msf description PCMAN FTP 2.07 ABOR Command - Buffer Overflow Exploit. CVE-2013-4730. Remote exploit for windows platform id EDB-ID:31254 last seen 2016-02-03 modified 2014-01-29 published 2014-01-29 reporter Mahmod Mahajna (Mahy) source https://www.exploit-db.com/download/31254/ title PCMAN FTP 2.07 ABOR Command - Buffer Overflow Exploit description PCMAN FTP 2.07 CWD Command - Buffer Overflow Exploit. CVE-2013-4730. Remote exploit for windows platform id EDB-ID:31255 last seen 2016-02-03 modified 2014-01-29 published 2014-01-29 reporter Mahmod Mahajna (Mahy) source https://www.exploit-db.com/download/31255/ title PCMAN FTP 2.07 CWD Command - Buffer Overflow Exploit description PCMAN FTP 2.07 STOR Command - Stack Overflow Exploit (MSF). CVE-2013-4730. Remote exploit for windows platform id EDB-ID:28328 last seen 2016-02-03 modified 2013-09-17 published 2013-09-17 reporter Rick Flores source https://www.exploit-db.com/download/28328/ title PCMAN FTP 2.07 STOR Command - Stack Overflow Exploit MSF description PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow. CVE-2013-4730. Remote exploit for windows platform id EDB-ID:38013 last seen 2016-02-04 modified 2015-08-29 published 2015-08-29 reporter Koby source https://www.exploit-db.com/download/38013/ title PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow description PCMan FTP Server 2.0.7 - Buffer Overflow - MKD Command. CVE-2013-4730. Remote exploit for windows platform id EDB-ID:36078 last seen 2016-02-04 modified 2015-02-14 published 2015-02-14 reporter R-73eN source https://www.exploit-db.com/download/36078/ title PCMan FTP Server 2.0.7 - Buffer Overflow - MKD Command
Metasploit
description This module exploits a buffer overflow vulnerability found in the STOR command of the PCMAN FTP v2.07 Server when the "/../" parameters are also sent to the server. Please note authentication is required in order to trigger the vulnerability. The overflowing string will also be seen on the FTP server log console. id MSF:EXPLOIT/WINDOWS/FTP/PCMAN_STOR last seen 2020-06-10 modified 2018-08-20 published 2013-09-20 references https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4730 reporter Rapid7 source https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/ftp/pcman_stor.rb title PCMAN FTP Server Post-Authentication STOR Command Stack Buffer Overflow description This module exploits a buffer overflow vulnerability found in the PUT command of the PCMAN FTP v2.0.7 Server. This requires authentication but by default anonymous credentials are enabled. id MSF:EXPLOIT/WINDOWS/FTP/PCMAN_PUT last seen 2020-06-10 modified 2018-08-20 published 2016-01-26 references https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4730 reporter Rapid7 source https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/ftp/pcman_put.rb title PCMAN FTP Server Buffer Overflow - PUT Command
Saint
| bid | 60837 |
| description | PCMan FTP Server MKD buffer overflow |
| osvdb | 94624 |
| title | pcman_ftpd_mkd |
| type | remote |
References
- http://infosec42.blogspot.com/2013/06/unauthenticated-pcman-ftp-207-buffer.html
- http://infosec42.blogspot.com/2013/06/unauthenticated-pcman-ftp-207-buffer.html
- http://osvdb.org/show/osvdb/94624
- http://osvdb.org/show/osvdb/94624
- http://www.exploit-db.com/exploits/26471
- http://www.exploit-db.com/exploits/26471
- http://www.securityfocus.com/bid/60837
- http://www.securityfocus.com/bid/60837