LeapFTP < 2.7.4.x PASV Reply Remote Overflow
High Nessus Plugin ID 11705
Synopsis
The remote host is running an FTP client that is affected by a buffer overflow vulnerability.

Description
The remote host is running LeapFTP, an FTP client.
There is a flaw in the remote version of this software that could allow an attacker to execute arbitrary code on this host.
To exploit it, an attacker would need to set up a rogue FTP server and have a user on this host connect to it.

Solution
Upgrade to version 2.7.4.x or newer, as this reportedly fixes the issue.