CNNVD-202507-3907 Information

CNNVD ID

CNNVD-202507-3907

Related CVE

CVE-2013-10042

• CNNVD Published: 2025-07-31

Description (Chinese)

freeFTPd是freeFTPd的一款开源的FTP（文件传输协议）服务器。 freeFTPd 1.0.10及之前版本存在安全漏洞，该漏洞源于处理FTP PASS命令时边界检查不当，可能导致内存损坏和任意代码执行。

Description (English)

FreeFTPd is an open source FTP (file transfer protocol) server for freeFTPd. FreeFTPd 1.0.10 and previous versions contain a security loophole, which arises from inadequate border checks when processing FTP PASS orders, which may result in memory damage and arbitrary code enforcement.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

freeFTPd

Published

2025-07-31

Last Modified

2026-02-24

References

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/freeftpd_pass.rb https://www.exploit-db.com/exploits/27747 https://www.vulncheck.com/advisories/freeftpd-pass-command-stack-based-buffer-overflow

Patch

https://www.npackd.org/p/com.freesshd.FreeFTPD/1.0.13