XM Easy FTP Server USER Command Buffer Overflow

High Nessus Plugin ID 21338


The remote FTP server is affected by a buffer overflow flaw.


The remote host appears to be using XM Easy FTP Server, a personal FTP server for Windows.

The version of XM Easy FTP Server installed on the remote host contains a buffer overflow vulnerability that can be exploited by an unauthenticated user with a specially crafted USER command to crash the affected application or execute arbitrary code on the affected host.


Unknown at this time.

See Also


Plugin Details

Severity: High

ID: 21338

File Name: xm_easy_ftp_user_overflow.nasl

Version: $Revision: 1.20 $

Type: remote

Family: FTP

Published: 2006/05/11

Modified: 2014/05/27

Dependencies: 10092

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:POC/RL:U/RC:ND

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2006/05/03

Exploitable With

Core Impact

Reference Information

CVE: CVE-2006-2225

BID: 17836

OSVDB: 25277