CNNVD-202508-2545 Information
CNNVD ID
CNNVD-202508-2545
Related CVE
- CNNVD Published: 2025-08-21
Description (Chinese)
Seagull FTP Client是美国Seagull公司的一个FTP客户端软件。 Seagull FTP Client v3.3 Build 409及之前版本存在安全漏洞,该漏洞源于FTP目录列表解析器未验证文件名长度,可能导致栈缓冲区溢出和执行任意代码。
Description (English)
Seagull FTP Clinic is an FTP client of Seagull USA. There is a security loophole in Seagull FTP Clinic v. 3.3 Build 409 and earlier versions, which stems from the fact that the FTP Catalogue Parser does not verify the length of the file name, which may result in an spill over the fence and the implementation of any code.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Seagull
Published
2025-08-21
Last Modified
2026-02-24
References
https://www3.rocketsoftware.com/bluezone/help/v34/sftp/sftp.htm https://www.vulncheck.com/advisories/seagull-ftp-stack-buffer-overflow https://www.exploit-db.com/exploits/16705 http://bluezone.rocketsoftware.com/products/secure-managed-file-transfer/bz-secure-ftp/at-a-glance https://web.archive.org/web/20120102094617/ https://www.corelan.be/index.php/2010/10/12/death-of-an-ftp-client/ https://web.archive.org/web/20111016194057/ https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/seagull_list_reply.rb https://nvd.nist.gov/vuln/detail/CVE-2010-20007
Patch
https://www.rocketsoftware.com/
Share on: