BlackMoon FTPd Buffer Overflow Vulnerability

by Nikola Strahija on January 16th, 2002

The BlackMoon FTP server is vulnerable to a buffer overflow condition. Due to the nature of these problems, this could lead to arbitrary code execution on a target machine.

More specifically, the buffer that holds received data before it is
parsed was incorrectly declared static, as shown in the code below.

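    CBuffer::CBuffer(const char * data, int len, int capacity_inc)
    {
        // Fixed-size static buffer used in place of the heap allocation (commented out)
        bf_head = (char*)&staticBuf; //(char*)malloc(len * sizeof(char));
        if(bf_head != NULL)
        {
            bf_capacity = sizeof(staticBuf); //len;
            bf_current_size = len;          // caller-supplied; not checked against bf_capacity in this excerpt
            bf_capacity_inc = capacity_inc;
        }
    }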

Due to this error, it is possible to overflow this buffer through several
of the standard FTP commands available to the user (specifically 'USER',
'PASS' and 'CWD') followed by a string of more than 4096 bytes.

This will kill the BlackMoon FTP service (which runs under the local SYSTEM
account) and allows for overwriting of EIP.
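
The missing check, as an added C++ example that is not BlackMoon's code or the vendor's fix: a fixed-capacity buffer that validates the caller-supplied length before copying. BoundedBuffer, kCapacity and reply_for_line are illustrative names, and 4096 is assumed from the threshold quoted above.

```cpp
#include <cstdio>
#include <cstring>
#include <string>

// 4096 is the threshold the advisory reports; staticBuf's real size is not shown.
constexpr int kCapacity = 4096;

// Illustrative class (not BlackMoon's CBuffer): fixed storage, checked lengths.
class BoundedBuffer {
public:
    // Same (data, len) shape as the constructor on the page, but len is
    // validated against the fixed capacity before anything is copied.
    bool assign(const char* data, int len) {
        size_ = 0;
        return append(data, len);
    }
    // Rejects null data, negative lengths and anything that would not fit.
    // Written as "len > capacity - size" so the comparison cannot wrap.
    bool append(const char* data, int len) {
        if (data == nullptr || len < 0) return false;
        if (len > kCapacity - size_) return false;
        std::memcpy(buf_ + size_, data, static_cast<std::size_t>(len));
        size_ += len;
        return true;
    }
    int size() const { return size_; }
private:
    char buf_[kCapacity];
    int size_ = 0;  // invariant: 0 <= size_ <= kCapacity
};

// Constructed handler: FTP reply code for one received command line.
// 500 when the line does not fit the buffer, 200 otherwise.
int reply_for_line(const std::string& line) {
    if (line.size() > static_cast<std::size_t>(kCapacity)) return 500;
    BoundedBuffer b;
    return b.assign(line.data(), static_cast<int>(line.size())) ? 200 : 500;
}

int main() {
    std::string longArg = "CWD " + std::string(5000, 'x');  // constructed input
    std::printf("%d %d\n", reply_for_line("USER anonymous"), reply_for_line(longArg));
    return 0;
}
```

A static buffer cannot grow, so every path that writes into it (initial fill and later appends) has to enforce the same size invariant.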

Upgrade to BlackMoon FTP v1.5, Release #2, Build 1550. Get it from

Tested against BlackMoon FTP v1.5 (Release #1, Build 1547). Vulnerable versions down to 1.0,
Release #1, Build 1115. Found by SNS Research.
